For RHEL 6 , need to check yum-security-plugin is installed (for RHEL 7 it has been incorporated into yum)

 #rpm -qa | grep yum-plugin-security
 yum-plugin-security-1.1.30-14.el6.noarch

Check for critical security updates

 # yum --security --sec-severity=Critical check-update
 Loaded plugins: package_upload, product-id, security, subscription-manager
 This system is receiving updates from Red Hat Subscription Management.
 rhel-6-server-rpms                                                                                       | 2.0 kB     00:00
 rhel-6-server-rpms/primary                                                                               |  29 MB     00:00
 rhel-6-server-rpms                                                                                                  18431/18431
 Limiting package lists to security relevant ones
 rhel-6-server-rpms/updateinfo                                                                            | 3.3 MB     00:00
 23 package(s) needed for security, out of 585 available
 
 glibc.i686                                                  2.12-1.192.el6                       rhel-6-server-rpms
 glibc.x86_64                                                2.12-1.192.el6                       rhel-6-server-rpms
 glibc-common.x86_64                                         2.12-1.192.el6                       rhel-6-server-rpms
 glibc-devel.x86_64                                          2.12-1.192.el6                       rhel-6-server-rpms
 glibc-headers.x86_64                                        2.12-1.192.el6                       rhel-6-server-rpms
 java-1.6.0-openjdk.x86_64                                   1:1.6.0.41-1.13.13.1.el6_8           rhel-6-server-rpms
 java-1.7.0-openjdk.x86_64                                   1:1.7.0.121-2.6.8.1.el6_8            rhel-6-server-rpms
 libsmbclient.x86_64                                         3.6.23-36.el6_8                      rhel-6-server-rpms
 nscd.x86_64                                                 2.12-1.192.el6                       rhel-6-server-rpms
 nspr.x86_64                                                 4.11.0-1.el6                         rhel-6-server-rpms
 nss.x86_64                                                  3.21.3-2.el6_8                       rhel-6-server-rpms
 nss-sysinit.x86_64                                          3.21.3-2.el6_8                       rhel-6-server-rpms
 nss-tools.x86_64                                            3.21.3-2.el6_8                       rhel-6-server-rpms
 nss-util.x86_64                                             3.21.3-1.el6_8                       rhel-6-server-rpms
 ruby.x86_64                                                 1.8.7.374-4.el6_6                    rhel-6-server-rpms
 ruby-libs.x86_64                                            1.8.7.374-4.el6_6                    rhel-6-server-rpms
 samba.x86_64                                                3.6.23-36.el6_8                      rhel-6-server-rpms
 samba-client.x86_64                                         3.6.23-36.el6_8                      rhel-6-server-rpms
 samba-common.x86_64                                         3.6.23-36.el6_8                      rhel-6-server-rpms
 samba-winbind.x86_64                                        3.6.23-36.el6_8                      rhel-6-server-rpms
 samba-winbind-clients.x86_64                                3.6.23-36.el6_8                      rhel-6-server-rpms
 samba4-libs.x86_64                                          4.2.10-7.el6_8                       rhel-6-server-rpms
 xulrunner.x86_64                                            17.0.10-1.el6_4                      rhel-6-server-rpms

To find the advisory references

 # yum --sec-severity=Critical updateinfo list
 Loaded plugins: package_upload, product-id, security, subscription-manager
 This system is receiving updates from Red Hat Subscription Management.
 rhel-6-server-rpms                                                                                           | 2.0 kB    0:00
 RHSA-2016:0175 Critical/Sec. glibc-2.12-1.166.el6_7.7.i686
 RHSA-2016:0175 Critical/Sec. glibc-common-2.12-1.166.el6_7.7.x86_64
 RHSA-2016:0175 Critical/Sec. glibc-devel-2.12-1.166.el6_7.7.x86_64
 RHSA-2016:0175 Critical/Sec. glibc-headers-2.12-1.166.el6_7.7.x86_64
 RHSA-2013:0605 Critical/Sec. java-1.6.0-openjdk-1:1.6.0.0-1.57.1.11.9.el6_4.x86_64
 RHSA-2013:0602 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.9-2.3.8.0.el6_4.x86_64
 RHSA-2013:0751 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4.x86_64
 RHSA-2013:0957 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4.x86_64
 RHSA-2013:1451 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4.x86_64
 RHSA-2014:0026 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64
 RHSA-2014:0406 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5.x86_64
 RHSA-2016:0053 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el6_7.x86_64
 RHSA-2016:0511 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.99-2.6.5.0.el6_7.x86_64
 RHSA-2016:0675 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el6_7.x86_64
 RHSA-2015:0251 Critical/Sec. libsmbclient-3.6.23-14.el6_6.x86_64
 RHSA-2016:0611 Critical/Sec. libsmbclient-3.6.23-30.el6_7.x86_64
 RHSA-2016:0175 Critical/Sec. nscd-2.12-1.166.el6_7.7.x86_64
 RHSA-2014:0917 Critical/Sec. nspr-4.10.6-1.el6_5.x86_64
 RHSA-2014:0917 Critical/Sec. nss-3.16.1-4.el6_5.x86_64
 RHSA-2014:0917 Critical/Sec. nss-sysinit-3.16.1-4.el6_5.x86_64
 RHSA-2014:0917 Critical/Sec. nss-tools-3.16.1-4.el6_5.x86_64
 RHSA-2014:0917 Critical/Sec. nss-util-3.16.1-1.el6_5.x86_64
 RHSA-2013:1764 Critical/Sec. ruby-1.8.7.352-13.el6.x86_64
 RHSA-2013:1764 Critical/Sec. ruby-libs-1.8.7.352-13.el6.x86_64
 RHSA-2015:0251 Critical/Sec. samba-3.6.23-14.el6_6.x86_64
 RHSA-2016:0611 Critical/Sec. samba-3.6.23-30.el6_7.x86_64
 RHSA-2015:0251 Critical/Sec. samba-client-3.6.23-14.el6_6.x86_64
 RHSA-2016:0611 Critical/Sec. samba-client-3.6.23-30.el6_7.x86_64
 RHSA-2015:0251 Critical/Sec. samba-common-3.6.23-14.el6_6.x86_64
 RHSA-2016:0611 Critical/Sec. samba-common-3.6.23-30.el6_7.x86_64
 RHSA-2015:0251 Critical/Sec. samba-winbind-3.6.23-14.el6_6.x86_64
 RHSA-2016:0611 Critical/Sec. samba-winbind-3.6.23-30.el6_7.x86_64
 RHSA-2015:0251 Critical/Sec. samba-winbind-clients-3.6.23-14.el6_6.x86_64
 RHSA-2016:0611 Critical/Sec. samba-winbind-clients-3.6.23-30.el6_7.x86_64
 RHSA-2015:0250 Critical/Sec. samba4-libs-4.0.0-66.el6_6.rc4.x86_64
 RHSA-2013:0614 Critical/Sec. xulrunner-17.0.3-2.el6_4.x86_64
 RHSA-2013:0696 Critical/Sec. xulrunner-17.0.5-1.el6_4.x86_64
 RHSA-2013:0820 Critical/Sec. xulrunner-17.0.6-2.el6_4.x86_64
 RHSA-2013:0981 Critical/Sec. xulrunner-17.0.7-1.el6_4.x86_64
 RHSA-2013:1140 Critical/Sec. xulrunner-17.0.8-3.el6_4.x86_64
 RHSA-2013:1268 Critical/Sec. xulrunner-17.0.9-1.el6_4.x86_64
 RHSA-2013:1476 Critical/Sec. xulrunner-17.0.10-1.el6_4.x86_64
 updateinfo list done

To find out detailed information about an update

 #yum updateinfo RHSA-2016:0175
 Loaded plugins: package_upload, product-id, security, subscription-manager
 This system is receiving updates from Red Hat Subscription Management.
 rhel-6-server-rpms                                                                                                | 2.0 kB     00:00
 
 ===============================================================================
   Critical: glibc security and bug fix update
 ===============================================================================
   Update ID : RHSA-2016:0175
     Release :
        Type : security
      Status : final
      Issued : 2016-02-16 00:00:00
        Bugs : 1293532 - CVE-2015-7547 glibc: getaddrinfo stack-based buffer overflow
        CVEs : CVE-2015-7547
 Description : The glibc packages provide the standard C libraries (libc),

etc…

Recent Changes