DNF Automatic No security updates needed, but 123 updates available

Hi,

I am using rocky8.10 and configured to pull security updates through dnf. I see nd flog is printing “Automatic No security updates needed, but 123 updates available”, I am bit confused why dnf is not installing those security patches/updates as it see there are some updates available? I am missing anything?

systemctl list-timers --all | grep dnf-automaticWed 2026-01-14 06:55:23 UTC  12h left      Tue 2026-01-13 06:05:26 UTC  12h ago   dnf-automatic.timer          dnf-automatic.service

dnf.log

grep "security updates" /var/log/dnf.*
/var/log/dnf.log:2025-12-30T06:45:58+0000 WARNING No security updates needed, but 123 updates available
/var/log/dnf.log:2025-12-31T06:04:58+0000 WARNING No security updates needed, but 123 updates available
/var/log/dnf.log:2026-01-01T06:16:35+0000 WARNING No security updates needed, but 123 updates available
/var/log/dnf.log:2026-01-02T06:48:58+0000 WARNING No security updates needed, but 123 updates available
/var/log/dnf.log:2026-01-03T06:51:31+0000 WARNING No security updates needed, but 123 updates available
/var/log/dnf.log:2026-01-04T06:23:33+0000 WARNING No security updates needed, but 123 updates available
/var/log/dnf.log:2026-01-05T06:27:59+0000 WARNING No security updates needed, but 123 updates available
/var/log/dnf.log:2026-01-06T06:34:59+0000 WARNING No security updates needed, but 123 updates available
/var/log/dnf.log:2026-01-07T06:02:00+0000 WARNING No security updates needed, but 123 updates available
/var/log/dnf.log:2026-01-08T06:20:08+0000 WARNING No security updates needed, but 123 updates available
/var/log/dnf.log:2026-01-09T06:34:26+0000 WARNING No security updates needed, but 124 updates available
/var/log/dnf.log:2026-01-11T06:27:36+0000 WARNING No security updates needed, but 123 updates available
/var/log/dnf.log:2026-01-12T06:37:00+0000 WARNING No security updates needed, but 123 updates available
/var/log/dnf.log:2026-01-13T06:05:34+0000 WARNING No security updates needed, but 123 updates available
/var/log/dnf.log.1:2025-12-09T06:32:06+0000 WARNING No security updates needed, but 105 updates available
/var/log/dnf.log.1:2025-12-10T06:17:57+0000 WARNING No security updates needed, but 105 updates available

Not all updates are security updates. Not all updates are tagged as security updates in the errata though there has been work to correct a lot of this.

IMO: You are recommended to update your system fully using dnf update. I would not fully rely on the security only updates feature of dnf.

OK. Thank you. But dnf updateinfo list security should only list security right ? and if your automatic config only enable security it should only look for security updates?

should only list available updates that have been correctly marked as security

It is way easier and safer to run dnf up – auto or manual is up to you.