Colin Law wrote:
Not arguing one way or the other but I suspect that if an upgrade that requires a reboot is performed, but the reboot is delayed, that the security hole may well likely not be plugged till the reboot is performed.
Well, the holes in the kernel wont be plugged until the next reboot, no. But most world-at-large facing bits and pieces will be, and they're normally the soft-spot.
Also, in the situation where someone has delayed the install for fear of an automatic reboot, it's entirely likely that they've postponed it beyond the next reboot (the updater is notoriously rubbish at guessing how long it's going to take). In that instance, having them install and not reboot until they next reboot leads to them booting into the patched kernel quicker.
-- Avi -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
