On Tue, Jun 27, 2023 at 2:18 PM Steve Sobol <st...@lobosstudios.com> wrote: > > On 2023-06-27 10:54, David Wright wrote: > > On Fri 23 Jun 2023 at 15:51:31 (-0700), Steve Sobol wrote: > >> On 2023-06-23 15:26, Emanuel Berg wrote: > >> > Steve Sobol wrote: > >> > > >> > > > In general people don't want to dist-upgrade automatically. > >> > > > >> > > Seconded. > >> > > >> > I'm not following, when these functions are invoked, be it > >> > scheduled by some other software or by the user from the shell, > >> > they are intended to do their work automatically > >> > (non-interactively) if that is what you mean? > >> > >> Dist-upgrade makes major changes to your system, updating dozens of > >> packages, and pointing the OS at different APT repos. > > > > Yes, but only if you've changed the codename in your sources.list > > (or after a new release if you use the suite names). > > Maybe I'm thinking of do-release-upgrade, then. > > I am still not comfortable automating OS updates.
I recommend taking updates daily. The number one threat to server applications is unpatched software. The number one threat to users is phishing, followed by unpatched software at number two. Updating vulnerable software is important. And updating even though the software does not have a CVE is equally important. Many folks don't place importance on non-CVE items, but they bite, too. Cf., https://thenewstack.io/design-system-can-update-greg-kroah-hartman-linux-security/. Jeff
