Some second-generation Pixel and Pixel XL users are reportedly not receiving the Android November security patch. That's despite the company's claims that it would be rolled out to every user over the course of a week beginning November 6. It's worth noting that most who are reporting the problem own Pixel devices operating on select carriers such as Verizon and T-mobile. Unfortunately, the problem has also been noticed on Google's own Project-Fi network. It is worth pointing out that Project-Fi does, in fact, partially make use of T-Mobiles towers. That seems to indicate that it could be tied to the carrier networks themselves.
Google does seem to be aware of the issue and Googlers identified as "experts" on the official product forum for the Pixel devices have responded to user complaints about the matter. Those responses seem to confirm that the problem is tied in with the networks since Googlers say it could be related to an incremental OTA not being created for some builds. The builds and build numbers, meanwhile, tend to be different from carrier to carrier. However, Googler's have also admitted that they really aren't sure why the issue is happening and that it could be something else entirely. Google, in this case, is responsible for the hardware, underlying operating system, and the update in question. Beyond that, the company is actually responsible for the rollout of the security update, bypassing the carriers entirely.
So it's likely that the problem is more complex than the above-mentioned scenario. Having said that, the company's configuration management (CM) team is also fully aware that there is a problem. So both an underlying cause and a fix for the problem are actively being looked into and, with any luck, that will be found before the December security patch is ready for release. Otherwise, there could be problems with that update as well. Fortunately, at least one Googler has suggested that there may be a workaround for the problem, for now. That's thanks to the fact that Android software can be installed manually – or side-loaded. That means a user could feasibly download the entirety of the OTA files and install them directly until a fix can be found by Google.