Updating linux lenny updating multiple select with ajax
Since you have a test server, obviously, always test the update before applying them.
I like cron-apt to automate this process, but as @dinomite pointed out on another question regarding updates, configuring it specifically to automate security-related updates is a very smart idea -- you can then manually update what you need.
This has the added advantage of knowing which package broke your system (ie.
if you're only upgrading a couple at a time) I always upgrade less critical systems first.
There is also a config option to mail you the results of each security update as well, once its applied.
It would be prudent to ensure that your testing sever is kept upto date and any packages that have bugs affecting you and your servers should be kept up to date.
(It keeps track of which ones it's submitted before in a file in /tmp so that it doesn't spam the queue.)Debian has two packages, apticron and cron-apt, which do a similar thing and email you if there are any updates available.
IME, apticron has the edge by emailing you the changelog so you can see what has changed.
Besides the security concerns of maintaining a patched system, I find that if I leave it too long between patches, I end up with a whole bunch of packages that want to be upgraded, and that scares me a-lot more than just upgrading one or two every week or so.
Therefore I tend to run my upgrades weekly, or if they are high priority, daily.