Cumulative Security Updates
I have a group of systems running red hat 6.4 and 6.8 that have not been patched whatsoever since the os was installed. These systems are all on a disconnected network. I know how to configure a repository and install the rpms, however, is there a way to download all security updates at once? I guess i am also unsure of how security patches work with RHEL. If i download the binary iso for 6.9 and run yum --security update, will that retrieve the most current mitigations for RHEL 6 systems? Lastly, I have read the summary about backporting and i still do not understand how it applies.
Responses
You could run 'yum update' to get all installed (applicable) packages updated from an ISO image of higher release of same major version. All erratas would get bundled in the next consecutive minor release. I don't think it is possible to only pull out security related patches from an ISO image of packages, just like how yum-security plugin would does this. There may be some other way which I'm not aware of.
This link shows more details about updating an offline system :[https://access.redhat.com/solutions/29269]
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.