> I would assume (and I know it's not good to do that!) that the updates
> and patches that are pushed out through the repos are something not to
> be ignored,....so why would the severity of one be that big an
> issue?....(and I'm just curious...not trying to start a war!..LoL!)
>

For a start there's three categories: bug fixes, enhancements and security fixes. The first will cover things like typos in man pages or behaviour that is not right but has no risk to the system. The second adds something new to a package - tzdata is a good example here. The third is security issues - these will generally fix one or more CVE announcements.

Within that third category there are different levels of security issue depending on the nature of the problem. For example, if something needs an interactive login as an unprivileged user to cause a process (e.g. mysqld) to fail, that could be low security risk given the need to be on the system and only a denial of service to that one subsystem and no data loss. A higher category might be an unprivileged user being able to escalate their privileges to obtain increased access to a system they shouldn't have - there was a sudo exploit last year that would fall into this. The most severe category of security issue would allow an unprivileged user to remotely gain privileged access... This leads to full system compromises and should always be patched ASAP - especially on public facing systems.

Sometimes it's possible to chain these things together... For example, there might be a way for an unprivileged user to run arbitrary code (think a PHP bug perhaps) which you could then chain to a local privilege escalation to take full control of a system. This is also why SELinux is important to confine services to prevent them from going out of their allowed domain and mitigating security issues as and when they arise.

As an admin, rather than just updating everything all the time, it's best practice to schedule updates and test them before major roll outs. Depending on the severity of the issue, it may be something you delay to a standardised patching schedule (e.g. once a month update things) or treat as an emergency and roll out much quicker.

Does that help explain things?