Hi Folks,
I'm running two Raspberry with Pihole now since a couple of weeks and I start questioning my self some things:
Is it really important (from a security standpoint) to have the Operating system up2date, when PiHole just acts as an internal DNS resolver?
couldn't I just leave it running as is?
What are you thoughts.
Thanks
Michael
You generally want to keep the OS updated, as security patches and bug fixes are pushed regularly. Personally, I do this once a month or so.
You could leave it running as is for a long, long time with no problems.
Pi-Hole already does this for you, and if there is an update the version shown at the bottom of the web GUI dashboard will be red. This is done so the user can read the release notes for the new version, decide if the update is something they want, then they go to the command line and update their installed version.
I don't think it's really needed to update the OS.
But does rasbian have some auto patching for security patches like Ubuntu has?
And thanks by the way
Subscribe to Bugtraq mailing list and when receive allot of mails that could apply to your setup, its time again to run the dreaded updates 
A very interesting Link. subscribed to it.
Yet I also go for unattented-updates:
I finally used this (german) guide to install automatic PI updates:
https://www.stqu.de/joomla/index.php/raspberry-pi/90-pi-automatische-updates-unattended-upgrades
@miul84 Hey, that's me! I'm glad I was able to help you out, even if it was from a really ignorant question a while ago.
Except this bit:
For an office client, this might be a nice option but not for servers (or my gaming rig
Sometimes, the updates need user interaction what automatic updates cant do.
So you think your system is safe but its not.
It all depends on the context. These articles are about admins of companies and Datacenters.
My two little raspberries can surely have this automatic done without worries, in my home scenario.
Also
Ubuntu has its own live patching System I use it for a little unproduction and it works fine.
In a company environment where admins are paid to be on-site everyday either manual patching or Patchmanagement Software is the way to go. But this context/forum is more for the little box home system.
I want to be present and with time at hand if things go south because of the updates.
You know you get lynched by spouse, kids etc if you cant fix "the internet" emediatly on the spot
All devices at my place that allow, are set to warn for updates but not do auto update on its own.
Bummer.
All good things come to an end:
As of February 24, 2020, Symantec stopped approving posts to the Bugtraq mail list[25].
No final message from the list administrators and no statement from Symantec was posted.
Or maybe not just yet:
Date: 17 Jan 2021 01:25:13 -0000
Message-ID: <20210117012513.21919.qmail @mail.securityfocus.com>
From: alias @securityfocus.com
Cc: recipient list not shown: ;
Subject: On Second Thought...Bugtraq has been a valuable institution within the Cyber Security community for
almost 30 years. Many of our own people entered the industry by subscribing to it
and learning from it. So, based on the feedback we’ve received both from the
community-at-large and internally, we’ve decided to keep the Bugtraq list running.
We’ll be working in the coming weeks to ensure that it can remain a valuable asset
to the community for years to come. - Accenture Security