RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Description of problem:

  Needs more detailed explanation about package selection mechanism of update-minimum command with '--advisory' option to update by a specific advisory for customer who's seriously concerned about security issue and minimal changes on the systems

Version-Release number of selected component (if applicable):

  RHEL6 and 7
  yum-utils-1.1.30, yum-utils-1.1.31


How reproducible:

  Always.

Steps to Reproduce:
1. Check manpage , yum-security
2.
3.

Actual results:

  No detailed explanation about how minimal-updates works.


Expected results:

  We need detailed explanation about how minimal-updates works for customer who's seriously concerned about security issue and minimal changes on the systems to be able to plan/prepare about upgrading.

Additional info:

   Though we can see upstream commit log said (http://yum.baseurl.org/gitweb?p=yum-utils.git;a=commit;h=a5c7a3011bb9d2497c980791111389d226445281), we don't have yum-plugin-security as a part of yum-utils packages anymore, so we cannot find it in Git tree ( http://yum.baseurl.org/gitweb?p=yum-utils.git;a=tree;f=plugins/security ), but RHEL7 and 6 customer will use this plugin for a while, so we need explicit description about behavior of update-minimal with '--advisory' or other options.

   We prepared https://access.redhat.com/solutions/220033 ,but customer want to have more accurate and detailed description about behaviour.

Created attachment 1009613 [details]
man page patch

Created attachment 1016270 [details]
updated patch

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-1295.html