I couldn’t disagree more with you. If you are running something REAL life-critical, the moment there is a patch you install it and deploy as fast as possible. And if it contains any severe patch, it is even the vendor who recalls all the equipment with service bulletins and advisory letters.
With life-critical you don’t wait for the bug to appear, because it may be too late to avoid deadly consequences.
Yes you do,
Configuration control is a max in this world and you don’t have the control/ability/power to decide which patches go in or stay out. The vendor, the person who has all the power and knowledge, is the one who decides.
You can lose all your certifications or be held liable for any problem due to that policy.
Not even Red Hat (certainly not a life-critical system) allows a different level of patches/state out of their approved ones.