There's obviously a way to check to see when an update is a security update. I often get greeted by a motd that says "there are N security updates."
What I'd like to do is have my server email me a list of what packages need updating for security reasons.
To take it a step further, the email would link to the applicable security notification from Ubuntu.
Basically, each server is somewhat unique. I've received several emails on the security mailing list for packages I do not have install on any/all servers. So I'd like each individual server to tell me what it needs. That way I can apply updates in a timely manner, while avoiding restarting services like Apache that would cause users to have some downtime.
How could I do this?