Oops. I posted this from the course itself. But when I went to the "forums" I found the link: https://learn.redhat.com/t5/RH415-Red-Hat-Security-Linux-in/RH415-v9-2-Explain-Videos/m-p/41614#M20

Sorry for the extra fuzz here.

@KeyboardCatSec where exactly ? In v9 ? 

Looks like v9.2. I was working through the course yesterday.

ok got it @KeyboardCatSec , I will report it to get it corrected :

Thanks for reporting this typo!

@TonyButt  as per the Red Hat Official documentation , https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/managing_and_monitoring_sec... , I can see this here :

I think the official documentation is incorrect then - as I am able to verify this on my own system, and via the man page. Man page also states use --updates, not updates, but as that is the default it does not cause a problem. I can verify this by running the commands on a RHEL 9 system

From the man page for dnf

$ man dnf

...

--security
Includes packages that provide a fix for a security issue. Applicable for the install, repoquery, updateinfo, upgrade and offline-up‐
grade (dnf-plugins-core) commands.

...

Updateinfo Command
Command: updateinfo
Aliases: upif
Deprecated aliases: list-updateinfo, list-security, list-sec, info-updateinfo, info-security, info-sec, summary-updateinfo

dnf [options] updateinfo [--summary|--list|--info] [<availability>] [<spec>...]
Display information about update advisories.

Depending on the output type, DNF displays just counts of advisory types (omitted or --summary), list of advisories (--list) or detailed
information (--info). The -v option extends the output. When used with --info, the information is even more detailed. When used with
--list, an additional column with date of the last advisory update is added.

<availability> specifies whether advisories about newer versions of installed packages (omitted or --available), advisories about equal
and older versions of installed packages (--installed), advisories about newer versions of those installed packages for which a newer
version is available (--updates) or advisories about any versions of installed packages (--all) are taken into account. Most of the time,
--available and --updates displays the same output. The outputs differ only in the cases when an advisory refers to a newer version but
there is no enabled repository which contains any newer version.

Note, that --available takes only the latest installed versions of packages into account. In case of the kernel packages (when multiple
version could be installed simultaneously) also packages of the currently running version of kernel are added.

To print only advisories referencing a CVE or a bugzilla use --with-cve or --with-bz options. When these switches are used also the out‐
put of the --list is altered - the ID of the CVE or the bugzilla is printed instead of the one of the advisory.

If given and if neither ID, type (bugfix, enhancement, security/sec) nor a package name of an advisory matches <spec>, the advisory is
not taken into account. The matching is case-sensitive and in the case of advisory IDs and package names, globbing is supported.

Output of the --summary option is affected by the autocheck_running_kernel configuration option.