Are security updates applied with `dnf update` or is it separate procedure in Linux?

Boppity Bop

8/22/23, 3:25 PM

I found this vulnerability with polkit. It was found in Jan 22. How does keeping Linux updated security wise works in general?

If I run dnf update on CentOS9 - will it fix it? Or shall I look into each and every vulnerability myself and fix it manually?

0 + 0

security

linux

hacking

centos9

Boppity Bop

8/22/23, 3:40 PM

it says `CentOS9` in the text and in the tag. -\o/-

Score:3

Server

Kwakou-Steve

8/22/23, 11:33 PM

It should fix it.
Errata are of three types: bug, security and enhancements.
with dnf update, you will get all of them.
You can filter as well; for e.g., to check only for security updates, run:
dnf check-update --security
and you can apply them with:
dnf update --security

0 + 0

A.B

8/23/23, 10:25 AM

I don't know if this is still relevant since CentOS became part of RedHat and its usecase was changed from clone to upstream beta release, but before this, CentOS7 (contrary to RHEL7) didn't tag security updates, meaning you had to apply *all* updates to get *security* updates. See this Q/A: [Update CentOS Security Patches](https://serverfault.com/questions/996189/update-centos-security-patches)

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Are security updates applied with `dnf update` or is it separate procedure in Linux?

TH: การอัปเดตความปลอดภัยใช้กับ `dnf update' หรือเป็นขั้นตอนแยกต่างหากใน Linux

RO: Se aplică actualizările de securitate cu „dnf update” sau este o procedură separată în Linux?

RU: Обновления безопасности применяются с помощью dnf update или это отдельная процедура в Linux?

VI: Các bản cập nhật bảo mật có được áp dụng với `dnf update` hay là một quy trình riêng biệt trong Linux?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.