• I’ve gone months between updates. On servers, that’s a little more risky because of CVEs, which can also apply to the kernel, but LTS is probably safe enough there: if there’s a kernel CVE, LTS will be updated.

    I’ve had trouble with pinning the kernel before, though. Last time I did it, I went several months and forgot I’d done it, and my system got itself wedged because some package was expecting a newer kernel; it took me a while to figure out.

    LTS might be a better option, since that will be caught by dependency management. Pinning can cause version dependency mismatch issues.