Every day I get an email from cron-apt if there are updates available for my Debian systems (I use it in download-only mode). A typical email might look like
CRON-APT RUN [/etc/cron-apt/config]: Tue Aug 27 04:00:03 BST 2013
CRON-APT SLEEP: 866, Tue Aug 27 04:14:29 BST 2013
CRON-APT ACTION: 3-download
CRON-APT LINE: /usr/bin/apt-get dist-upgrade -d -y -o APT::Get::Show-Upgraded=true
Reading package lists...
Building dependency tree...
Reading state information...
The following packages will be upgraded:
cacti (0.8.7g-1+squeeze1 => 0.8.7g-1+squeeze2)
[...more updates...]
Usually I'll be happy to apply these updates, but there are occasions when I'll choose not to: perhaps the update fixes a feature which I don't use, but would require a disruptive action (e.g. an Apache restart) to apply.
Is there a way of telling apt 'I'm not interested in that package update, so don't mention it again unless there are further updates'?
I don't want to pin the package, because future updates might be of interest.
You can tell cron-apt to search only for high priority updates. If you do not want to be bothered by high priority updates for some particular packages, then you should not use those packages and deinstall them---problem solved. If that's not a solution for you, you should think again about security. ;)