In shocking news the CentOS project announced today that they are shifting their Linux distribution to be based on the beta (non-stable) branch of Red Hat Enterprise Linux, rather than the stable branch. And that
I don’t know about how CentOS handled security patches for its stable releases, but Debian does backports of security updates (AFAIK there can be issues but it works fine for the important packages). The main problem is that rolling release can package conflicts and subtle issues, and depending on what branch the actual packages are on, they can be unstable or have many bugs (Nvidia drivers were the bame of my existance both when I ran Arch/Manjaro and OpenSUSE Tumbleweed). I’m not a sysadmin, but everywhere I read not to use rolling release for a production server.
I don’t know about how CentOS handled security patches for its stable releases, but Debian does backports of security updates (AFAIK there can be issues but it works fine for the important packages). The main problem is that rolling release can package conflicts and subtle issues, and depending on what branch the actual packages are on, they can be unstable or have many bugs (Nvidia drivers were the bame of my existance both when I ran Arch/Manjaro and OpenSUSE Tumbleweed). I’m not a sysadmin, but everywhere I read not to use rolling release for a production server.