Bug 740207

Summary: yum shell ignores --security
Product: Red Hat Enterprise Linux 6 Reporter: Marko Myllynen <myllynen>
Component: yumAssignee: James Antill <james.antill>
Status: CLOSED CANTFIX QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.1CC: ffesti, james.antill, mattdm, maxamillion, pmatilai, tla, zpavlas
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 740206 Environment:
Last Closed: 2012-07-31 19:40:15 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 740206    
Bug Blocks:    

Description Marko Myllynen 2011-09-21 09:50:19 UTC 
+++ This bug was initially created as a clone of Bug #740206 +++

Description of problem:
With yum --security shell the --security parameter is ignored, all packages are considered for update. This was noticed while implementing "apply security updates only" option for yum-cron which is now being blocked by this issue.

Version-Release number of selected component (if applicable):
yum-3.2.29-17.el6.noarch
Comment 2 RHEL Product and Program Management 2011-10-07 16:20:21 UTC 
Since RHEL 6.2 External Beta has begun, and this bug remains
unresolved, it has been rejected as it is not proposed as
exception or blocker.

Red Hat invites you to ask your support representative to
propose this request, if appropriate and relevant, in the
next release of Red Hat Enterprise Linux.
Comment 3 James Antill 2012-07-31 19:40:15 UTC 
This can't really be fixed, easily. We'd need a new way of filtering things, and there's not even been any concrete talk upstream recently about that.

yum-cron is being changed upstream, so it doesn't use "yum shell" anymore, so that'll workaround the issue.