• @[email protected]
    link
    fedilink
    English
    209 months ago

    I’d be surprised if you actually saw anything change from security updates tbh, I don’t think I’ve ever seen anything break from a quick patch.

    Dist upgrades are when things might break, but they’re only once every few years. Leave them too long though and you may end up with compatibility issues if you need to make changes.

    Fair enough if you’re not getting paid enough, the company should hire more people to stay on top of that though.

    • @[email protected]OP
      link
      fedilink
      19 months ago

      They have and that is why I don’t do them any more. Happened a few months ago in fact. Updated one of the Debian servers for one of webapps we have running (a black box piece of shit VM that’s stuck in 2010 I think)… suddenly, the app in the VM doesn’t work. The VM does start, but the app doesn’t work, just throws a 404. Why? Beats me, don’t have time to troubleshoot. Roll back a snapshot, everything works again. Conclusion, don’t update that.

      See, around here, you don’t keep your job by messing around with things that already work. They work, period, why did even feel the need to mess with that 🤨. If that’s management’s view on security, fine, so be it 🤷.

      I still file reports on things not being up to date, just so that if shit hits the fan, I’m not the one taking the fall for it.

    • @[email protected]
      link
      fedilink
      19 months ago

      Usually you upgrade everything though, not just sec patches. And it’s a risk that something stops working, and nobody wants to spend time on that…

      • @[email protected]OP
        link
        fedilink
        -3
        edit-2
        9 months ago

        Exactly… because it’s tidious and time consuming… and I won’t get extra pay for it. Meanwhile I’m also expected to do everything else I do… sorry, just not gonna bother at all.