Linux - display or upgrade security updates only using apt

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
8
down vote

favorite
3












is there a way to list or install security upgrades only using apt?



if I list upgrades with:



apt list --upgradable


can I also see without knowing packages and libraries which upgrades are relevant security upgrades.



and furthermore is there an option to only apply those by skipping any others, so the non-security-relevant upgrades would be prompted again next time I run apt upgrade?










share|improve this question























  • so you have two questions, 1.print security updates, 2.update only selected packages, well I know that there are 6 links in sources.list and two of them are security related repo links, you can see which upgradable packages would be downloaded from each link by following command: sudo apt upgrade --no-upgrade --assume-no --print-uris
    – Brian SP2
    Sep 26 '17 at 6:57











  • but about second question, apparently you can choose a single package to be upgraded by the following command sudo apt upgrade --upgrade-only <package name> but this doesn't work for me, sorry
    – Brian SP2
    Sep 26 '17 at 6:58














up vote
8
down vote

favorite
3












is there a way to list or install security upgrades only using apt?



if I list upgrades with:



apt list --upgradable


can I also see without knowing packages and libraries which upgrades are relevant security upgrades.



and furthermore is there an option to only apply those by skipping any others, so the non-security-relevant upgrades would be prompted again next time I run apt upgrade?










share|improve this question























  • so you have two questions, 1.print security updates, 2.update only selected packages, well I know that there are 6 links in sources.list and two of them are security related repo links, you can see which upgradable packages would be downloaded from each link by following command: sudo apt upgrade --no-upgrade --assume-no --print-uris
    – Brian SP2
    Sep 26 '17 at 6:57











  • but about second question, apparently you can choose a single package to be upgraded by the following command sudo apt upgrade --upgrade-only <package name> but this doesn't work for me, sorry
    – Brian SP2
    Sep 26 '17 at 6:58












up vote
8
down vote

favorite
3









up vote
8
down vote

favorite
3






3





is there a way to list or install security upgrades only using apt?



if I list upgrades with:



apt list --upgradable


can I also see without knowing packages and libraries which upgrades are relevant security upgrades.



and furthermore is there an option to only apply those by skipping any others, so the non-security-relevant upgrades would be prompted again next time I run apt upgrade?










share|improve this question















is there a way to list or install security upgrades only using apt?



if I list upgrades with:



apt list --upgradable


can I also see without knowing packages and libraries which upgrades are relevant security upgrades.



and furthermore is there an option to only apply those by skipping any others, so the non-security-relevant upgrades would be prompted again next time I run apt upgrade?







debian security apt upgrade






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Oct 9 '17 at 13:32









Jeff Schaller

32.3k849110




32.3k849110










asked Sep 26 '17 at 0:22









nath

633421




633421











  • so you have two questions, 1.print security updates, 2.update only selected packages, well I know that there are 6 links in sources.list and two of them are security related repo links, you can see which upgradable packages would be downloaded from each link by following command: sudo apt upgrade --no-upgrade --assume-no --print-uris
    – Brian SP2
    Sep 26 '17 at 6:57











  • but about second question, apparently you can choose a single package to be upgraded by the following command sudo apt upgrade --upgrade-only <package name> but this doesn't work for me, sorry
    – Brian SP2
    Sep 26 '17 at 6:58
















  • so you have two questions, 1.print security updates, 2.update only selected packages, well I know that there are 6 links in sources.list and two of them are security related repo links, you can see which upgradable packages would be downloaded from each link by following command: sudo apt upgrade --no-upgrade --assume-no --print-uris
    – Brian SP2
    Sep 26 '17 at 6:57











  • but about second question, apparently you can choose a single package to be upgraded by the following command sudo apt upgrade --upgrade-only <package name> but this doesn't work for me, sorry
    – Brian SP2
    Sep 26 '17 at 6:58















so you have two questions, 1.print security updates, 2.update only selected packages, well I know that there are 6 links in sources.list and two of them are security related repo links, you can see which upgradable packages would be downloaded from each link by following command: sudo apt upgrade --no-upgrade --assume-no --print-uris
– Brian SP2
Sep 26 '17 at 6:57





so you have two questions, 1.print security updates, 2.update only selected packages, well I know that there are 6 links in sources.list and two of them are security related repo links, you can see which upgradable packages would be downloaded from each link by following command: sudo apt upgrade --no-upgrade --assume-no --print-uris
– Brian SP2
Sep 26 '17 at 6:57













but about second question, apparently you can choose a single package to be upgraded by the following command sudo apt upgrade --upgrade-only <package name> but this doesn't work for me, sorry
– Brian SP2
Sep 26 '17 at 6:58




but about second question, apparently you can choose a single package to be upgraded by the following command sudo apt upgrade --upgrade-only <package name> but this doesn't work for me, sorry
– Brian SP2
Sep 26 '17 at 6:58










2 Answers
2






active

oldest

votes

















up vote
7
down vote



accepted










apt can’t (yet) provide the information you’re after. aptitude can though, albeit somewhat confusingly:



aptitude search '~U ~ODebian' -F "%p %O"|awk '/Debian-Security/ print $1'


This searches all upgradable (~U) packages from official Debian repositories (~ODebian), and displays their package name (%p) and “origin” (%O). The latter actually displays the repository label, which is “Debian-Security:9/stable” for the Debian 9 security repositories. You end up with a list of upgradable package names from the security repositories.



There are a variety of ways to install only security upgrades, none of them ideal though.



  • aptitude’s text interface allows only security upgrades to be applied, simply by scrolling to the “Security Updates” header (which should be the first one) and hitting +.



  • You can feed the list of packages extracted above to apt to install the upgrades:



    aptitude search '~U ~ODebian' -F "%p %O" |
    awk '/Debian-Security/ print $1' |
    xargs apt-get install --only-upgrade


    This has the unfortunate side-effect of clearing the “automatically installed” marker on upgraded packages.




  • You can use unattended-upgrades, whose default action is to only apply security upgrades:



    unattended-upgrades -v


    If you don’t want upgrades to be installed automatically, you’ll need to disable unattended-upgrades’s daily cron job.







share|improve this answer



























    up vote
    3
    down vote













    To display the security update you can use:



    apt-get --just-print upgrade | grep -i security | awk 'print $2' | awk '!seen[$0]++'


    To apply only the security updates for 1 package:



    apt-get install --only-upgrade pckg_name


    To apply only the security updates from list:



    list=$(apt-get --just-print upgrade | grep -i security | awk 'print $2' | awk '!seen[$0]++')
    apt-get install --only-upgrade $list





    share|improve this answer




















      Your Answer







      StackExchange.ready(function()
      var channelOptions =
      tags: "".split(" "),
      id: "106"
      ;
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function()
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled)
      StackExchange.using("snippets", function()
      createEditor();
      );

      else
      createEditor();

      );

      function createEditor()
      StackExchange.prepareEditor(
      heartbeatType: 'answer',
      convertImagesToLinks: false,
      noModals: false,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: null,
      bindNavPrevention: true,
      postfix: "",
      onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      );



      );













       

      draft saved


      draft discarded


















      StackExchange.ready(
      function ()
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f394438%2flinux-display-or-upgrade-security-updates-only-using-apt%23new-answer', 'question_page');

      );

      Post as a guest






























      2 Answers
      2






      active

      oldest

      votes








      2 Answers
      2






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes








      up vote
      7
      down vote



      accepted










      apt can’t (yet) provide the information you’re after. aptitude can though, albeit somewhat confusingly:



      aptitude search '~U ~ODebian' -F "%p %O"|awk '/Debian-Security/ print $1'


      This searches all upgradable (~U) packages from official Debian repositories (~ODebian), and displays their package name (%p) and “origin” (%O). The latter actually displays the repository label, which is “Debian-Security:9/stable” for the Debian 9 security repositories. You end up with a list of upgradable package names from the security repositories.



      There are a variety of ways to install only security upgrades, none of them ideal though.



      • aptitude’s text interface allows only security upgrades to be applied, simply by scrolling to the “Security Updates” header (which should be the first one) and hitting +.



      • You can feed the list of packages extracted above to apt to install the upgrades:



        aptitude search '~U ~ODebian' -F "%p %O" |
        awk '/Debian-Security/ print $1' |
        xargs apt-get install --only-upgrade


        This has the unfortunate side-effect of clearing the “automatically installed” marker on upgraded packages.




      • You can use unattended-upgrades, whose default action is to only apply security upgrades:



        unattended-upgrades -v


        If you don’t want upgrades to be installed automatically, you’ll need to disable unattended-upgrades’s daily cron job.







      share|improve this answer
























        up vote
        7
        down vote



        accepted










        apt can’t (yet) provide the information you’re after. aptitude can though, albeit somewhat confusingly:



        aptitude search '~U ~ODebian' -F "%p %O"|awk '/Debian-Security/ print $1'


        This searches all upgradable (~U) packages from official Debian repositories (~ODebian), and displays their package name (%p) and “origin” (%O). The latter actually displays the repository label, which is “Debian-Security:9/stable” for the Debian 9 security repositories. You end up with a list of upgradable package names from the security repositories.



        There are a variety of ways to install only security upgrades, none of them ideal though.



        • aptitude’s text interface allows only security upgrades to be applied, simply by scrolling to the “Security Updates” header (which should be the first one) and hitting +.



        • You can feed the list of packages extracted above to apt to install the upgrades:



          aptitude search '~U ~ODebian' -F "%p %O" |
          awk '/Debian-Security/ print $1' |
          xargs apt-get install --only-upgrade


          This has the unfortunate side-effect of clearing the “automatically installed” marker on upgraded packages.




        • You can use unattended-upgrades, whose default action is to only apply security upgrades:



          unattended-upgrades -v


          If you don’t want upgrades to be installed automatically, you’ll need to disable unattended-upgrades’s daily cron job.







        share|improve this answer






















          up vote
          7
          down vote



          accepted







          up vote
          7
          down vote



          accepted






          apt can’t (yet) provide the information you’re after. aptitude can though, albeit somewhat confusingly:



          aptitude search '~U ~ODebian' -F "%p %O"|awk '/Debian-Security/ print $1'


          This searches all upgradable (~U) packages from official Debian repositories (~ODebian), and displays their package name (%p) and “origin” (%O). The latter actually displays the repository label, which is “Debian-Security:9/stable” for the Debian 9 security repositories. You end up with a list of upgradable package names from the security repositories.



          There are a variety of ways to install only security upgrades, none of them ideal though.



          • aptitude’s text interface allows only security upgrades to be applied, simply by scrolling to the “Security Updates” header (which should be the first one) and hitting +.



          • You can feed the list of packages extracted above to apt to install the upgrades:



            aptitude search '~U ~ODebian' -F "%p %O" |
            awk '/Debian-Security/ print $1' |
            xargs apt-get install --only-upgrade


            This has the unfortunate side-effect of clearing the “automatically installed” marker on upgraded packages.




          • You can use unattended-upgrades, whose default action is to only apply security upgrades:



            unattended-upgrades -v


            If you don’t want upgrades to be installed automatically, you’ll need to disable unattended-upgrades’s daily cron job.







          share|improve this answer












          apt can’t (yet) provide the information you’re after. aptitude can though, albeit somewhat confusingly:



          aptitude search '~U ~ODebian' -F "%p %O"|awk '/Debian-Security/ print $1'


          This searches all upgradable (~U) packages from official Debian repositories (~ODebian), and displays their package name (%p) and “origin” (%O). The latter actually displays the repository label, which is “Debian-Security:9/stable” for the Debian 9 security repositories. You end up with a list of upgradable package names from the security repositories.



          There are a variety of ways to install only security upgrades, none of them ideal though.



          • aptitude’s text interface allows only security upgrades to be applied, simply by scrolling to the “Security Updates” header (which should be the first one) and hitting +.



          • You can feed the list of packages extracted above to apt to install the upgrades:



            aptitude search '~U ~ODebian' -F "%p %O" |
            awk '/Debian-Security/ print $1' |
            xargs apt-get install --only-upgrade


            This has the unfortunate side-effect of clearing the “automatically installed” marker on upgraded packages.




          • You can use unattended-upgrades, whose default action is to only apply security upgrades:



            unattended-upgrades -v


            If you don’t want upgrades to be installed automatically, you’ll need to disable unattended-upgrades’s daily cron job.








          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Sep 26 '17 at 7:47









          Stephen Kitt

          145k22317382




          145k22317382






















              up vote
              3
              down vote













              To display the security update you can use:



              apt-get --just-print upgrade | grep -i security | awk 'print $2' | awk '!seen[$0]++'


              To apply only the security updates for 1 package:



              apt-get install --only-upgrade pckg_name


              To apply only the security updates from list:



              list=$(apt-get --just-print upgrade | grep -i security | awk 'print $2' | awk '!seen[$0]++')
              apt-get install --only-upgrade $list





              share|improve this answer
























                up vote
                3
                down vote













                To display the security update you can use:



                apt-get --just-print upgrade | grep -i security | awk 'print $2' | awk '!seen[$0]++'


                To apply only the security updates for 1 package:



                apt-get install --only-upgrade pckg_name


                To apply only the security updates from list:



                list=$(apt-get --just-print upgrade | grep -i security | awk 'print $2' | awk '!seen[$0]++')
                apt-get install --only-upgrade $list





                share|improve this answer






















                  up vote
                  3
                  down vote










                  up vote
                  3
                  down vote









                  To display the security update you can use:



                  apt-get --just-print upgrade | grep -i security | awk 'print $2' | awk '!seen[$0]++'


                  To apply only the security updates for 1 package:



                  apt-get install --only-upgrade pckg_name


                  To apply only the security updates from list:



                  list=$(apt-get --just-print upgrade | grep -i security | awk 'print $2' | awk '!seen[$0]++')
                  apt-get install --only-upgrade $list





                  share|improve this answer












                  To display the security update you can use:



                  apt-get --just-print upgrade | grep -i security | awk 'print $2' | awk '!seen[$0]++'


                  To apply only the security updates for 1 package:



                  apt-get install --only-upgrade pckg_name


                  To apply only the security updates from list:



                  list=$(apt-get --just-print upgrade | grep -i security | awk 'print $2' | awk '!seen[$0]++')
                  apt-get install --only-upgrade $list






                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered Sep 27 '17 at 9:37









                  GAD3R

                  22.7k154895




                  22.7k154895



























                       

                      draft saved


                      draft discarded















































                       


                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function ()
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f394438%2flinux-display-or-upgrade-security-updates-only-using-apt%23new-answer', 'question_page');

                      );

                      Post as a guest













































































                      Popular posts from this blog

                      How to check contact read email or not when send email to Individual?

                      Displaying single band from multi-band raster using QGIS

                      How many registers does an x86_64 CPU actually have?