Thanks for the alert.
I'm in the clear on this one, but good to know.
I have wondered about automatically running apt-get update and apt-get dist-upgrade daily (I know there are other ways to do this as a cron job, but effectively doing so, by whatever means).
As I found out a few years ago, in general it's better to have automatic updates crash your system than to have a lack of updates lead to an infected server.