How to get a list of security updates on the command line in Debian/Ubuntu

In the GUI tool you can get a list packages with security updates. Can this be done on the command line in Debian or Ubuntu?

Normally I might use "apt-get upgrade" which would show me what is being upgraded, but I would like to know which ones are security updates.


Solution 1:

Use the unattended-upgrade application.

sudo unattended-upgrade

This lets you install only security updates automatically, but you can call it manually if needed.

Solution 2:

apt-get upgrade -s | grep -i security

... is what the Nagios check-apt plugin uses to count pending security updates which is similar to what you're looking for.

Solution 3:

On ubuntu you should be able to use apt-check, it's the one that populates your motd with the number of security updates available.

Solution 4:

You can get a list with this command:

sudo unattended-upgrade --dry-run -d 2> /dev/null | grep 'Checking' | awk '{ print $2 }'