In case you have a server in a DMZ, with no internet access, you need to have another to update your server and keep it safe from knwown vulnerabilities. Tested sucessfully with a RedHat server 8
Prerequisites :
1) Create a tar file from the RPM database on the offline server, and copy this tar file to the online server (to be updated) :
tar cjf rpm_db.tar.bz2 /var/lib/rpm scp rpm_db.tar.bz2 root@online:/tmp/
2) Extract the tar file on the online system into an empty directory
mkdir /tmp/rpm_db/ tar xf /tmp/rpm_db.tar.bz2 -C /tmp/rpm_db/
3) On the online system, download all the RPM packages. It will download all the last available updates based on the offline RPM database previously uncompressed
yum update --downloadonly --downloaddir /tmp/rpm_db --installroot=/tmp/rpm_db/
4) Create the downloaded rpm updates into a tar file, and copy it from the online system to the offline system, and untar it into a new directory :
tar cjf rpm-updates.tar.bz2 /tmp/rpm_db/*.rpm scp rpm-updates.tar.bz2 root@offline:/tmp/ ssh root@offline mkdir /tmp/rpms tar xf /tmp/rpm-updates.tar.bz2 -C /tmp/rpms
5) On the offline server, to be sure the update will work and won't try to download any file on internet, verify in your /etc/yum.repos.d/redhat.repo if all enabled and enabled_metadata entries are set to 0
grep enabled /etc/yum.repos.d/redhat.repo
6) Update the offline system with the command :
yum localinstall /tmp/rpms/tmp/rpm_db/*.rpm
7) The installation will be performed !
Enjoy