partial updates with yum and ansible

Asking for a friend...

Some legacy systems require the NFS automouter on RHEL 3, which requires NFSv2. This was deprecated long ago, but still worked in the release of RHEL 7.9, but has since been broken by a few kernel updates. Is there a relatively simple way to update everything on the RHEL 7 server except the advisories that update some given package list with ansible?

My current thoughts are to parse the output of yum updateinfo list with python and generate a list of advisories (and generate a YAML variable list for ansible loop to) give to yum update-minimal. When newer advisories come out, repeat the process which now inserts the newer advisories and comments out the older ones they replace. That keeps ansible and yum from updating hundreds or thousands of advisories that will just be replaced by some other update anyway and lets you only look for two or three updates to worry about in a big list instead of dozens or hundreds.

But that seems overly complex and very painful. Is there a way to just tell yum to apply everything current except leave a given set of packages alone and skip any advisory that would update one of them? Has someone else already done something like that python program I am thinking about? Am I thinking about this totally wrong? (Obviously the proper fix it to replace the antiques and move them to the Smithsonian, or a landfill, but I don't have enough disposable cash or time to donate it all for other people's bad decisions.)