I can see this as a security risk if the updater could be set to automatic. Invariably, some users will disregard the risks of placing ongoing absolute trust in a particular server, and enough of them might be able to break the system if some cracker were able to compromise that trusted server and replace the client download with a compromised client containing malware, even if that only lasted for a short time.
That's why crypto-signed updates have existed in software systems for over a decade. You don't need to trust the server if you have a public key stored locally. Fedora, Ubuntu, Debian etc. sign all their binary software packages with GPG, as an example.
Eventually bitcoin will catch up with the times

Even without auto-updates, this is a serious vulnerability with the packages on bitcoin.org. Posting SHA1 sums is useless without a cryptographic signature of some sort.
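The two posts above make the same point from two sides: a checksum posted on the download server is recomputed by whoever controls that server, while a signature checked against a key the client already holds is not. The program below is an added example written for this thread; it is not code from the original posts or from any Bitcoin release tooling. It uses Ed25519 from the Go standard library in place of GPG so it runs offline, and the package bytes, the "trojaned" replacement and the key pair are all constructed inline for the demonstration.

```go
// Added example, not part of the forum thread or of any Bitcoin release tooling.
// It models the two update-verification schemes the posts compare:
//   1. a checksum posted on the same server as the package (the bitcoin.org scheme), and
//   2. a detached signature checked against a public key pinned on the client,
//      which is what Debian/Fedora-style package signing amounts to.
// Ed25519 stands in for GPG so the whole thing runs offline on the standard library.
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Release is what the download server publishes: the package, the checksum
// listed next to it, and a detached signature made by the publisher's private key.
type Release struct {
	Package   []byte
	SHA256    string // hex, as a checksum file would list it
	Signature []byte
}

// Publish is run by the legitimate maintainer on a machine holding the private key.
func Publish(priv ed25519.PrivateKey, pkg []byte) Release {
	sum := sha256.Sum256(pkg)
	return Release{
		Package:   pkg,
		SHA256:    hex.EncodeToString(sum[:]),
		Signature: ed25519.Sign(priv, pkg),
	}
}

// Tamper models an attacker who has compromised the download server: they swap the
// package for a trojaned one and recompute the checksum, which costs them nothing
// because the checksum is bound to no secret. They cannot produce a valid
// signature, so the stale one stays in place (deleting it gives the same result).
func Tamper(r Release, trojan []byte) Release {
	sum := sha256.Sum256(trojan)
	return Release{Package: trojan, SHA256: hex.EncodeToString(sum[:]), Signature: r.Signature}
}

// VerifyChecksumOnly is the checksum-on-the-server scheme: trust whatever sum is posted.
func VerifyChecksumOnly(r Release) bool {
	sum := sha256.Sum256(r.Package)
	return hex.EncodeToString(sum[:]) == r.SHA256
}

// VerifySigned is the distro scheme: the client pinned pub at install time and
// accepts a package only if its detached signature verifies under that key.
func VerifySigned(pinned ed25519.PublicKey, r Release) bool {
	if len(r.Signature) != ed25519.SignatureSize {
		return false
	}
	return ed25519.Verify(pinned, r.Package, r.Signature)
}

// Outcome records which check each release passed.
type Outcome struct {
	CleanChecksum, CleanSigned       bool
	TamperedChecksum, TamperedSigned bool
}

// Scenario publishes a genuine release, lets the attacker tamper with the copy on
// the server, and runs both checks against each copy.
func Scenario() (Outcome, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Outcome{}, err
	}
	// Constructed stand-ins for a real client binary and a trojaned replacement.
	genuine := []byte("bitcoin-client\x00genuine build")
	trojan := []byte("bitcoin-client\x00backdoored build")

	clean := Publish(priv, genuine)
	evil := Tamper(clean, trojan)
	if bytes.Equal(clean.Package, evil.Package) {
		return Outcome{}, fmt.Errorf("tamper did nothing")
	}
	return Outcome{
		CleanChecksum:    VerifyChecksumOnly(clean),
		CleanSigned:      VerifySigned(pub, clean),
		TamperedChecksum: VerifyChecksumOnly(evil),
		TamperedSigned:   VerifySigned(pub, evil),
	}, nil
}

func main() {
	o, err := Scenario()
	if err != nil {
		panic(err)
	}
	fmt.Printf("clean release:    checksum ok=%v  signature ok=%v\n", o.CleanChecksum, o.CleanSigned)
	fmt.Printf("tampered release: checksum ok=%v  signature ok=%v\n", o.TamperedChecksum, o.TamperedSigned)
}
```

The tampered copy passes the checksum check and fails the signature check, which is the whole argument. Two caveats a practitioner should keep in mind: the pinned key has to reach the client over a path the download server does not control (install media, a keyserver, the distro's keyring package), otherwise the attacker just swaps the key too; and a signature over the package alone does not stop an attacker from re-serving an older, validly signed release, so real package managers sign a versioned manifest rather than the bare binary.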