Well, that is puzzling, because people are talking about upgrading to the latest Fedora, in preference to Debian. But I understand Fedora uses the latest versions of apps? This would seem to make it equivalent to Debian unstable (and just as unsuitable for production servers). I've never actually run Fedora though (and I haven't run Redhat for years), so perhaps there's some flexibility I don't know about.
Part of the puzzle here is that different distributions have a different release schedule. Debian Woody is a stable release, but its nearly two years old. Gentoo x86 2004.1 is a stable release, and its about a month old. Fedora Core 1 is a stable release, and its not very old either. Personally, I run Gentoo ~x86 (the "unstable" branch) on my desktop and I've had some real show-stoppers sneak in. Things like, the shadow package *overwrites* my /etc/pam.d/system-auth with what it considers to be safe defaults, and in the process completely overwrites my changes to do LDAP auth. So, no users can log in. That's not a *huge* problem until you realise that SSH doesn't accept root logins any more. Suddenly, your box is inaccesable. Another bug I had with Gentoo ~x86 was an init script changing for the network interface. It tried to detect link state on the ethernet device before running DHCP - if it couldn't detect link, it would not bring the interface up. It was an attempt to make things quicker for laptop users who didn't like waiting 3 minutes or whatever for DHCP to time out. However, it meant I had no networking on boot up. The problem? A completely broken init script which wouldn't in any way work, but wasn't tested at all and was just committed into CVS and then into the initscripts package. Smart. Easy fixes, once you know about them. Show-stoppers otherwise. I can't speak for Debian Unstable, as I've not run it for ages, but I really don't want *any* chance of something that is even remotely untested going onto a production server. That said, Gentoo x86 and FC1, both stable releases, are more 'up to date' than Debian. Without getting into why this is[1], for a server or critical situation I'd prefer to put my trust in something that's been through the testing process a lot more than the unstable branch of a distribution. I guess, the 'stable' bit refers not so much to how old the application or the package is, but how well it has been tested. That's probably the best way of describing this. Certainly some bugs get through, even in Debian Woody, but you don't have a trivial package update leaving your system unbootable as a general rule. [1] or even if FC1 etc are actually more suitable for servers or critical situations.