x > The largest difference between stable and testing is that Debian > provides security updates for stable, and for testing you're on your
http://www.nl.debian.org/security/faq#testing Q: How is security handled for testing and unstable? A: The short answer is: it's not. Testing and unstable are rapidly moving targets and the security team does not have the resources needed to properly support those. If you want to have a secure (and stable) server you are strongly encouraged to stay with stable. However, the security secretaries will try to fix problems in testing and unstable after they are fixed in the stable release. It is my subjective experience that the security team is actually pretty good about updating testing. For example the postgresql update applied to both testing & stable. Also for major packages (apache, postfix, postgresql), the upstream people tend to be pretty good about Quality Assurance. Running on a closed (sys admin shell only) for things like email. Especially given that Sarge is likely to become stable soon, the new features (not having to dick around with compiling broadcom drivers separately) make it worth the "risk". I have heard people claim that "testing" is as stable as Redhat release...
