Red Hat provide RHEL KVM guest and cloud images. At time of writing, the last one was built in Feb 2015, and so undoubtedly contains packages which are out of date or insecure.
You can use virt-customize to update the packages in the cloud image. This requires the libguestfs subscription-manager feature which will only be available in RHEL 7.3, but see here for RHEL 7.3 preview packages. Alternatively you can use Fedora ≥ 22.
$ virt-customize \ -a rhel-guest-image-7.1-20150224.0.x86_64.qcow2 \ --sm-credentials 'USERNAME:password:PASSWORD' \ --sm-register --sm-attach auto \ --update [ 0.0] Examining the guest ... [ 17.2] Setting a random seed [ 17.2] Registering with subscription-manager [ 28.8] Attaching to compatible subscriptions [ 61.3] Updating core packages [ 976.8] Finishing off
- You should probably use
--sm-credentials USERNAME:file:FILENAMEto specify your password using a file, rather than having it exposed on the command line.
- The command above will leave the image template registered to RHN. To unregister it, add
--sm-unregisterat the end.