MX Linux Forum

About once a week, sometimes less than that, kernel.org releases new kernel versions with security fixes.
Ubuntu updates their kernels about every two weeks.
Debian updates their kernels about every six weeks.
Why is Debian so slow?
Would it even be smart to use Debian for any type of multi user internet facing server and risk not getting kernel updates for 2 months?
Does the kernel version generally make much difference for that type of use?

What did debian say when you asked them?

BV206 wrote: Sun Apr 14, 2024 11:58 am About once a week, sometimes less than that, kernel.org releases new kernel versions with security fixes.
Ubuntu updates their kernels about every two weeks.
Debian updates their kernels about every six weeks.
Why is Debian so slow?
Would it even be smart to use Debian for any type of multi user internet facing server and risk not getting kernel updates for 2 months?
Does the kernel version generally make much difference for that type of use?

I believe your misinformed. Debian pushes critical / security updates out quite quickly, in many cases daily. And then much slower on non critical updates.( Taking time to test and evaluate.)

Have a look at this page:

https://www.debian.org/security/

CharlesV wrote: Sun Apr 14, 2024 12:18 pm I believe your misinformed.

Probably. I have no software or systems development experience at all.

The Debian security page has 12 "linux security update" since Jan 2023. Most of those start with "Several vulnerabilities have been discovered in the Linux kernel..." It seems to me like there should be more unless they are fixed by other packages besides "linux".

There are 67 listed in 2024

CharlesV wrote: Sun Apr 14, 2024 12:18 pm ... Debian pushes critical / security updates out quite quickly, in many cases daily. And then much slower on non critical updates.( Taking time to test and evaluate.)

Have a look at this page:
https://www.debian.org/security/

Right, and it is pretty stupid to have an update at each kernel.org update, and for each current kernel versions, and for each platforms (amd64, x32,etc). (excepted for particular uses).
https://www.kernel.org/

CharlesV wrote: Sun Apr 14, 2024 1:42 pm There are 67 listed in 2024

Are you saying that everything listed at https://www.debian.org/security is a linux kernel update?

We get security updates within the kernal. Contrast the output of
with

No, I am saying they update / patch all the time, SOME are kernel updates. And as I read the update lists it is on a 'needed' basis. ( ie kernel or not)

Not everything has to be patched / fixed in kernels.

BV206 wrote: Sun Apr 14, 2024 4:00 pm Are you saying that everything listed at https://www.debian.org/security is a linux kernel update?

I think it's pretty obvious from the naming convention that the March 2024 "DSA-5645-1 firefox-esr" security update doesn't involve the kernel. Grepping the list of 2024 security updates, three of them were kernel updates. Two in January, one yesterday. If you'd like to update your kernel every couple of days it's possible to track the mainline kernel directly, though you'll quickly discover that the Debian kernel team puts in a lot of work before they publish something you can simply add with the convenience of "apt-get install linux-image-something". There's plenty of information on https://wiki.debian.org/DebianKernel to get you started.