[eduVPN-deploy] Ubuntu package repository
Joost van Baal-Ilić
joostvb-eduvpn at ad1810.com
Sat Feb 20 09:10:15 CET 2021
Hi again,
On Sat, Feb 20, 2021 at 12:30:07AM +0100, François Kooman wrote:
> On 19.02.21 18:27, Joost van Baal-Ilić wrote:
> > I'm not quite sure what's the smartest thing to do here, to be honest.
>
> Ah, so, the PHP of Ubuntu 20.04 LTS did at least get one update during its
> lifetime...
Indeed, and up to now it got 6 changes marked as "SECURITY UPDATE", supplied by
Ubuntu (at
http://changelogs.ubuntu.com/changelogs/pool/main/p/php7.4/php7.4_7.4.3-4ubuntu2.4/changelog).
> But not sure how to get any official confirmation that we'll get
> PHP updates for the next years under the LTS guarantee. Maybe it is just
> still part of the 9 months that all other Ubuntu releases also get? Who
> knows...
So, I double-checked, and indeed
https://packages.ubuntu.com/search?suite=focal§ion=universe&arch=any&keywords=php7.4-fpm&searchon=names
seems to indicate php7.4 in focal is from universe.
At https://wiki.ubuntu.com/SecurityTeam/FAQ I found:
"binary packages in universe and multiverse are supported by the Ubuntu
community."
"Ubuntu Advantage customers may receive additional security support beyond what
is freely available via standard support."
Seems indeed it is as bad as you indicated, if it is about "guarantees". Otoh,
in practice we see php7.4 _does_ get its share of security patches. Someone
should keep an eye on it, I'm afraid.
Bye,
Joost
More information about the eduVPN-deploy
mailing list