Why the '--sec-security=' option is not honoring the packages as per Severity?

Solution Verified - Updated -

Issue

  • The command yum updateinfo list security updates --sec-severity=Critical should list only Critical packages. However, it does not work and all the packages are listed. The same happens with Important and Moderate.
[root@rhel8 ~]# yum updateinfo list security updates --sec-severity=Critical
Updating Subscription Management repositories.
Last metadata expiration check: 0:37:56 ago on Tue 16 Jul 2019 06:24:30 PM IST.
RHSA-2019:0966 Critical/Sec.  firefox-60.6.1-1.el8.x86_64
RHSA-2019:1269 Critical/Sec.  firefox-60.7.0-1.el8_0.x86_64
RHSA-2019:1517 Moderate/Sec.  gvfs-1.36.2-2.el8_0.1.x86_64
RHSA-2019:1517 Moderate/Sec.  gvfs-afc-1.36.2-2.el8_0.1.x86_64
RHSA-2019:1167 Important/Sec. kernel-4.18.0-80.1.2.el8_0.x86_64
RHSA-2019:1479 Important/Sec. kernel-4.18.0-80.4.2.el8_0.x86_64
RHSA-2019:0983 Important/Sec. wget-1.19.5-7.el8_0.1.x86_64

This does not happen in Red Hat Enterprise Linux 7.x or Red Hat Enterprise Linux 6.x. The command only fails if security updates is used.

[root@rhel8 ~]# yum updateinfo list --secseverity=Moderate     <----- getting required results
Updating Subscription Management repositories.
Last metadata expiration check: 0:06:18 ago on Thu 18 Jul 2019 11:07:35 AM EDT.
RHSA-2019:0990 Moderate/Sec. systemd-239-13.el8_0.3.x86_64
RHSA-2019:0990 Moderate/Sec. systemd-libs-239-13.el8_0.3.x86_64

[root@rhel8 ~]# yum updateinfo list updates --secseverity=Moderate       <----- getting required results
Updating Subscription Management repositories.
Last metadata expiration check: 0:07:40 ago on Thu 18 Jul 2019 11:07:35 AM EDT.
RHSA-2019:0990 Moderate/Sec. systemd-239-13.el8_0.3.x86_64
RHSA-2019:0990 Moderate/Sec. systemd-libs-239-13.el8_0.3.x86_64

Environment

  • Red Hat Enterprise Linux 8.0

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content