Monitoring for and applying security patches

Our institution is considering implementing an Omeka system and I'm wondering what process is in place for checking for updates (versus upgrades) and applying them. I'm assuming yum updates won't include Omeka, so what is the proper method to keep a system up to date with security patches? Will our regular OS updates cover the Apache, PHP, and MySQL components, or are they installed through a non-RPM/YUM-aware process?

Updates to LAMP are completely separate from Omeka. Omeka isn't packaged up with RPM or YUM, though there is a third-party package on Installatron, and if you install via Omeka's git repo you can just do a git pull for subsequent releases.

Whenever there is a new version of Omeka, a message will be displayed on the admin side of Omeka to alert you to it.