Ubuntu 20.04 update installed packages for security

I am a developer and using Ubuntu 20.04 LTS Linux server for my projects. I need to update installed packages for security on Ubuntu Linux 20.04 LTS server. How do I update my Ubuntu system using apt command and validate that security patches are applied?

Keeping your Ubuntu server system, kernel, docker, and the installed application is an essential system admin task. An updated Ubuntu 20.04 LTS system means fewer security issues and increased system stability. Ubuntu Linux is pretty user-friendly when it comes to applying security updates and patches. This page shows how to update the Ubuntu system using the apt command or the GUI tools for desktop installation.

Ubuntu 20.04 update installed packages for security

The procedure to install updates and security patches on Ubuntu:

  1. Open the terminal application.
  2. For remote server log in using the ssh command: ssh vivek@your-ubuntu-server-ip.
  3. Run the command sudo apt update to refresh package database.
  4. Show information about available update/packages/pathces, run: sudo apt list --upgradable
  5. Apply security updates and patches for all installed apps, run: sudo apt upgrade
  6. Reboot the system if kernel was updated by typing sudo reboot command.

Step 1 – Update package information

First you need to download package information from all configured sources stored in /etc/apt/sources.list and /etc/apt/sources.list.d/ directory. Use the grep command/egrep command to list sources:
grep -i "^deb" /etc/apt/sources.list

deb http://mirrors.linode.com/ubuntu/ focal main restricted
deb http://mirrors.linode.com/ubuntu/ focal-updates main restricted
deb http://mirrors.linode.com/ubuntu/ focal universe
deb http://mirrors.linode.com/ubuntu/ focal-updates universe
deb http://mirrors.linode.com/ubuntu/ focal multiverse
deb http://mirrors.linode.com/ubuntu/ focal-updates multiverse
deb http://mirrors.linode.com/ubuntu/ focal-backports main restricted universe multiverse
deb http://security.ubuntu.com/ubuntu focal-security main restricted
deb http://security.ubuntu.com/ubuntu focal-security universe
deb http://security.ubuntu.com/ubuntu focal-security multiverse

Fetch package updates information using the apt command:
sudo apt update

Step 2 – Find out information about available Ubuntu security-related updates

It is a good idea to list out all updates available for the box. Hence, we run the following command:
sudo apt list --upgradable

Listing... Done
distro-info-data/focal-updates,focal-updates 0.43ubuntu1.1 all [upgradable from: 0.43ubuntu1]
libnetplan0/focal-updates 0.99-0ubuntu2 amd64 [upgradable from: 0.99-0ubuntu1]
netplan.io/focal-updates 0.99-0ubuntu2 amd64 [upgradable from: 0.99-0ubuntu1]
python3-requests/focal,focal 2.22.0-2ubuntu1 all [upgradable from: 2.22.0-2build1]

Want to see a list of the updates one screen at a time? Try the following command along with grep command/more command:
sudo apt list --upgradable | more
## see if nginx update released or not ##
sudo apt list --upgradable | grep -i nginx

We can also list all possible versions that we can install or update using the following syntax:
sudo apt list --all-versions --upgradable
Before you apply updates please note down Linux kernel version, run:
uname -mrs
Sample outputs:

Linux 5.4.0-26-generic x86_64

It is also possible to create a list of all installed software as follow
dpkg --get-selections > ~/packages-list-dd-mm-yyyy.txt
We can restore em if required later:
sudo dpkg --set-selections < ~/packages-list-dd-mm-yyyy.txt
## restore it ##
sudo apt-get dselect-upgrade

See “Linux Get List of Installed Software for Reinstallation / Restore All the Software Programs” for more info.

Step 3 – Install updates via apt command line for Ubuntu 20.04

Fire up a terminal application or log in using ssh command. Run the apt command to upgrade all installed packages on Ubuntu Linux system:
sudo apt upgrade
When promoted as follows, type “Y” and press the [Enter] key to confirm operation of patching and applying updates on Ubuntu:

Do you want to continue? [Y/n]

How do I update a single package on Ubuntu?

Say you only want to update nginx package, run:
sudo apt install package
sudo apt install nginx
sudo apt install bash
sudo yum update python3

If nginx package already installed it will try to update to the latest version. If you do not want to install new packages; when used in conjunction with install, only-upgrade will install upgrades for already installed packages only and ignore requests to install new packages. Try:
sudo apt --only-upgrade install nginx

How to exclude Ubuntu 20.04 LTS package from a update

Use the apt-mark command as follows to held back given package, which will prevent the package from being automatically installed, upgraded or removed from the system:
sudo apt-mark hold {package}
sudo apt-mark hold bash

Want to cancel a previously set hold on a package to allow all actions again? Pass the unhold option as follows:
sudo apt-mark unhold {package}
sudo apt-mark unhold bash

We can use the following simple command to print a list of packages on hold in the same way as for the other show commands:
sudo apt-mark showhold
sudo apt-mark showhold | grep nginx

Step 4 – Reboot the Linux system

Did apt installed a new kernel? If so reboot the system, run:
sudo reboot
After reboot verify your Linux kernel version and list available updates, enter:
uname -mrs
sudo apt update
sudo apt list --upgradable

Ubuntu Linux 20.04 LTS – Updating your system using GUI

The GUI method is super easy. Press the Super key (Windows key) and type the following in search box:
update manager

Wait for some time as “Software Updater” need to refresh the database. Once repos are refreshed you will see the following box if any software updates available for your Ubuntu Linux 20.04 LTS desktop:

Click on the Install Now button.


You learned how to install software update and patches on Ubuntu 20.04 systems. See Ubuntu apt command help page for more information.

This entry is 6 of 6 in the How to keep your Linux system up-to-date Tutorial series. Keep reading the rest of the series:
  1. RHEL 8 update installed packages for security
  2. FreeBSD Applying Security Updates Using pkg/freebsd-update
  3. Amazon Linux AMI update installed packages for security
  4. SUSE 15 update installed packages for security
  5. CentOS 8 update installed packages for security
  6. Ubuntu 20.04 LTS update installed packages for security

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 0 comments... add one

CategoryList of Unix and Linux commands
Disk space analyzersdf duf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Modern utilitiesbat exa
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg glances gtop jobs killall kill pidof pstree pwdx time vtop
Searchingag grep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
0 comments… add one

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum