I need to list (not count or install) all pending security updates on an Ubuntu 14.04 system. I've read the post How to create a list of of only security updates with apt-get? and its accepted answer (apt-show-versions | grep upgradeable | grep security
) does indeed give me a list.
However, that command lists 62 pending security updates. /usr/lib/update-notifier/apt-check
tells me that I have 75 pending security updates, but doesn't seem to have a way to list them. How can I reconcile these two numbers? Is one of the two commands doing something other than what I want?
Best Answer
If you are just looking to do this quickly once, instead of creating a separate repository and scripting up some automation and all that. Great if you aren't supposed to be making changes while auditing a system or whatever.
These two commands will spit out the list. Pipe to wc -l to see how many are behind. ;-)
Still valid for older distros or if you have update repos off, but security on: