I personally use Mint's Debian-based distro
How do you handle security updates? I thought this distribution (LMDE) was ideal for my needs until I realized that, apart from Firefox and Thunderbird, practically no packages were being regularly updated despite vulnerabilities being discovered: LibreOffice, ffmpeg, file, apt, libnss, qemu to name some recent ones. Bash did get updated recently, and openssl eventually did after heartbleed, though I'm not sure it got all the updates.
I read some flamew^Wdebates on this topic online, which I think boil down to "LMDE is not a server OS, if you want security use Debian". This neglects the fact that even an end-user's desktop or workstation handles data from the network, which could be malware. To this kind of security philosophy, my reaction is that LMDE shouldn't be used except in very controlled environments.
As for regular Mint, I like it better than Ubuntu, though I was disappointed by their not supporting OS upgrades: as I understand it, installing a new Mint version requires a reinstall. (I tried doing it anyway, from 15 to 16 I think, and X broke. That's when I decided to try out LMDE, in fact.)
Any advice?