[ale] LTS doesn't always mean LTS

DJ-Pfulio djpfulio at jdpfu.com
Mon Apr 25 09:02:26 EDT 2016


In Ubuntu LTS, there's an issue with many packages not receiving security updates.

https://www.wilderssecurity.com/threads/ubuntu-lts-many-vulnerabilities-despite-long-term-support.385386/
====
$ ubuntu-support-status --show-unsupported
Support status summary of 'lubuntu':

You have 196 packages (8.0%) supported until February 2015 (9m)
You have 12 packages (0.5%) supported until January 2017 (9m)
You have 1679 packages (68.8%) supported until May 2019 (5y)
You have 148 packages (6.1%) supported until May 2017 (3y)

You have 101 packages (4.1%) that can not/no-longer be downloaded
You have 304 packages (12.5%) that are unsupported

No longer downloadable:
  <insert huge-ass-list> .......

Unsupported:
 <insert even-huger-huge-ass-list> .......
====
Saw this and freaked out a little! 196 packages have lost support already on a
14.04 desktop.  Most are java and perl helpers. The perl stuff doesn't bother
me, since I use perl-brew for all my real work in perl (never depend on the
system perl stuff). But there are some ssh2, TLS, and qemu in that list too!

    Supported until February 2015 (9m):
    chromium-browser chromium-browser-l10n expect .... qemu-common
libsqlite3-dev libssh2-1 libssh2-1-dev libssl-dev libgnutls-dev libgnutls28
libgnutlsxx27

A non-supported browser is a non-starter for me. This is on my primary desktop!
Must do something about that, even if it means removal of the browser.

to see which installed pkgs have and do not have support on your boxes.
It basically comes down to which repository the packages are in.  Just something
more to be aware about.

Someone did the same thing for Debian and claimed that all the package security
fixes were back ported to the "supported" releases.

Lucy (Canonical), you got some 'splaning to do.



More information about the Ale mailing list