For each Ubuntu LTS release, Canonical maintains the Base Packages and provides security updates, including kernel livepatching, for a period of ten years.
There’s no need to register an account with Ubuntu at all. You have no idea what you’re talking about. You don’t need a pro license to get updates for an LTS for 5 years of support. The “base packages” are both the “main” and “restricted” repositories - it isn’t just a few “core libraries” as you seem to think.
Debian is an excellent distro but I can’t even find out what Debian considers to be covered by their LTS. Their page about it is very vague. I would guess that it’s the same though - “main” repository is what they cover. Similar to Ubuntu.
There’s no need to register an account with Ubuntu at all. You have no idea what you’re talking about. You don’t need a pro license to get updates for an LTS for 5 years of support. The “base packages” are both the “main” and “restricted” repositories - it isn’t just a few “core libraries” as you seem to think.
Really? So why does apt tell me that I need <some blabla that usually means “give us your money”, don’t remember exact wording> to get updates for more packages than it has downloaded each time I run apt update? I have latest LTS (22.04) on my laptop. Maybe you have no idea what you are talking about? I could get any updates until recent (year or two? I use that laptop only occasionally, so I don’t remember the exact time), but now it is clear that Canonical goes the same way as RedHat/IBM.
I would guess that it’s the same though - “main” repository is what they cover. Similar to Ubuntu.
You are wrong because Debian’s main is not similar to Ubuntu. Debian has no universe repo, all FOSS packages go to main.
So why does apt tell me that I need to get updates for more packages than it has downloaded each time I run apt update? I have latest LTS (22.04) on my laptop.
“I’m going to provide zero information about a problem I’m having, say that I have no idea why it’s happening, and then claim it supports my conclusion - check mate!”
@atzanteol@bizdelnick
From what I read, the +5 yrs with a Pro account is on top of the LTS 5 yrs support.
Say Xenial ended last April 2021. With Pro that extends it another 5yrs. With it support ends some time in 2026?
But that is not +5 from when you got the Pro account. It started ticking the moment Xenial EOL'd. So if I signed up Pro now, my Xenial updates will still end on 2026. Should work for later LTS versions, +5 after base 5 on the same Pro account free up to 5 machines.
Installing Debian is not an alternative to the 10-12 year Ubuntu LTS support because Debian doesn’t offer that kind of support. Also as the sibling noted, Ubuntu Pro isn’t needed to get the same support you’re getting from Debian. Ubuntu Pro provides additional support that you don’t get from Debian throughout the support lifespan.
BTW, not offering 10-12 years of support is totally reasonable for a community distribution. I don’t expect volunteers to be backporting fixes for packages built 12 years ago.
10-12 years of support attract only those who think they will never need to update. I don’t think so and I update to each released version, each ~2 years. I know that skipping a release is not supported in any distribution. And update cost grows exponentially over time. So thank you, but I don’t need a support for longer than 3 or 4 years. But for that period I want to have security updates for all software I installed, not only “base”. And I want to get them from public repositories hosted on independent mirrors to be sure that I wont be banned by vendor for some reason.
As for additional support, I don’t need it. I can solve my problems myself and do if faster than Canonical would do. And not only my problems. I also contribute to open source software and I want my contributions to be available to anyone, not only those who pay for support to some company that I have no relationship with.
There are community backports (like Sury's Debian builds) for PHP, including a branch of PHP 5.6 originally released in 2014. Most other notable languages and major packages have something likewise as well, right down to major packages like Drupal 6. It's not always easy, but it's doable and the work is usually either already done or can be paid for.
Weird things that are truly too difficult to support are also often excluded. Eg Spectre/Meltdown fixes were non-trivial and had to be backported to a fairly wide range of things but that only went so far back. Some old systems just never got those fixes and instead have to be ran with a workaround ("don't run untrusted code"). I don't know how things are with the new offering but large complicated packages with lots of moving parts like OpenStack used to be excluded from the full extended support cycle before as well.
In many cases, they will cherrypick security fixes and other major bugfixes from the bleeding edge version, and put those fixes in the old versions of the software.
This is the same thing the PHP folks would do while the old PHP is supported. Once the old PHP is out of support but Ubuntu LTS is still in support, then the Ubuntu folks have to put in the extra work to do the cherrypicking.
That would be the logical conclusion, but I believe Debian uses the old version for years after it’s unsupported and might backport security fixes depending on how severe they are. Either way, I personally wouldn’t trust Debian or Ubuntu to properly fix security issues with a program (or in this case, programming language) that they do not actively develop or maintain themselves.
Add comment