Automated Security Patch Updates?

[Chuklr]

DistroWatch.com Has the following news items regarding the Debian Project considering automatic application of security updates as the default:

Keeping an operating system up to date with security patches is one of the key processes involved in preventing a computer from being compromised by an attacker. With many computers systems being set up and left to run for months or even years unattended, the idea of automated package updates is an attractive option. The [URL='http://distrowatch.com/debian']Debian[/url] project is currently considering whether security updates should be applied automatically by default and, if so, what are the benefits and potential drawbacks? "The Debian project is looking at possibly making automatic minor upgrades to installed packages the default for newly installed systems. While Debian has a reliable and stable package update system that has been an inspiration for multiple operating systems (the venerable APT), upgrades are, usually, a manual process on Debian for most users. The proposal was brought up during the Debian Cloud sprint in November by longtime Debian Developer Steve McIntyre. The rationale was to make sure that users installing Debian in the cloud have a 'secure' experience by default, by installing and configuring the unattended-upgrades package within the images." [URL='https://anarc.at/blog/2016-12-22-debian-considering-automated-upgrades/']This blog post[/url] talks about some of the benefits and problems which could result from automated updates.

It sounds to me like this change may move forward.

 

[B00nie]

DistroWatch.com Has the following news items regarding the Debian Project considering automatic application of security updates as the default:



It sounds to me like this change may move forward.

Ubuntu has this already as option but it's a bit risky at least for servers. You don't want any automated updates in production machines, every update must be tested before committing them.