How to only install security updates

server apt updates security vmware

45,196

Is it possible to only install the security updates?

Answer is : yes.

You can use unattended-upgrades which can handle automatic installation of security upgrades in Ubuntu system. Running sudo unattended-upgrade will install all the security package available for upgrade.

Install this package if it isn't already installed using

sudo apt-get install unattended-upgrades

To enable it type

sudo dpkg-reconfigure  unattended-upgrades

and select "yes".

You can also use it with the cron to schedule(weekly, monthly) an automatic security update.

See the Official Ubuntu Documentation for a comprehensive explanation

Just as a side note: If you have several machine, I would suggest you to create a local repository so that you will not need to download same package again and again in several machine. See here.

45,196

Ariejan

Updated on September 18, 2022

Comments

Ariejan over 1 year

Is it possible to only install the security updates. If this is possible it needs to be done on several servers and ubuntu virtual machines (Manually in command line) .

I already tried a few solutions but nothing worked out for me. The goal is that by running a script of some sort to sort the security updates together and then update only the security updates.

It isn't possible to install them automatic because the servers and the virtual machines have great impact on the company.

Btw I am a noob on linux / ubuntu . Tried (sudo apt-get upgrade but this only upgrade the existing software , Tried this with no result apt-get -s dist-upgrade | grep "^Inst" | grep -i securi | awk -F " " {'print $2'} | xargs apt-get install , Also tried this sudo sh -c 'grep ^deb /etc/apt/sources.list |grep securi >> /etc/apt/sources.security.repos.only.list' with no result. The only option i see left i manualy download the updates and then sort them out.
I already saw that article . sudo sh -c 'apt-get -o Dir::Etc::sourcelist="secsrc.list" \ -o Dir::Etc::sourceparts="-" update && \ apt-get --assume-no upgrade' . Maybe there is a possibility to workt together with this the command abbove ? So that i only need to download the security updates , and becouse it is a company servers i cant just shutdown rest of the reposotory .
- Adaephon over 9 years
  
  Please tell us, what you already tried. Not only can we than avoid posting answers that you already tried unsuccessfully, we also might find a way to make your previous attempts work.
- Rinzwind over 9 years
  
  see askubuntu.com/questions/194/…
- Ariejan over 9 years
  
  Bte I am a noob on linux / ubuntu . Tried (sudo apt-get upgrade but this only upgrade the existing software , Tried this with no result apt-get -s dist-upgrade | grep "^Inst" | grep -i securi | awk -F " " {'print $2'} | xargs apt-get install , Also tried this sudo sh -c 'grep ^deb /etc/apt/sources.list |grep securi >> /etc/apt/sources.security.repos.only.list' with no result. The only option i see left i manualy download the updates and then sort them out.
- Ariejan over 9 years
  
  I already saw that article . sudo sh -c 'apt-get -o Dir::Etc::sourcelist="secsrc.list" \ -o Dir::Etc::sourceparts="-" update && \ apt-get --assume-no upgrade' . Maybe there is a possibility to workt together with this the command abbove ? So that i only need to download the security updates , and becouse it is a company servers i cant just shutdown rest of the reposotory .
- Rmano over 9 years
  
  Please, add the content of the last two comments in the queston. The y are unreadable like they are now, and even if you have had your answer, you should think in future newbies ;-)
- rackandboneman about 6 years
  
  It seems that the question assumes that some of the updates, even within a stable release, are not considered security updates. Actually, they are. If the question is about somehow classifying such updates by severity/impact, the question is neither a duplicate nor trivial!
Ariejan over 9 years

Tried and it works . But does it automatic install it or need i run the sudo unattended-upgrade to install it. And thanks for al your help :)
g_p over 9 years

Second command will configure it to download and install stable security update automatically. No need to download manually.
jpaugh over 7 years

Is there a way to do this just with apt-get?
g_p over 7 years

@jpaugh, as per my knowledge, there is no such feature in apt-get that can automate the update process.
Johan Boulé almost 5 years

Tried this on Ubuntu 16.04. It goes in a loop displaying 12 times Starting pkgProblemResolver with broken count: 0 Starting 2 pkgProblemResolver with broken count: 0 Done, then it hangs. Disappointing. I'm sure there was a correct way to do that 15 years ago, but I can't remember it. Anyway, there's nearly no security backport anymore on this old LTS.
Johan Boulé almost 5 years

The linked official documentation explains how to do it "proper", with just the standard packaging tool of the moment (aptsomething).