Why is Extended Security Maintenance needed for apps in Ubuntu 20.04.x LTS in 2021?

After reading this link (and the following posts) I checked on my computer.

tester@lenovo-v130:~$ ubuntu-security-status 
1832 packages installed, of which:
1673 receive package updates with LTS until 4/2025
 152 could receive security updates with ESM Apps until 4/2030
   7 packages are from third parties

Packages from third parties are not provided by the official Ubuntu
archive, for example packages from Personal Package Archives in
Launchpad.
For more information on the packages, run 'ubuntu-security-status
--thirdparty'.

Enable Extended Security Maintenance (ESM Apps) to get 10 security
updates (so far) and enable coverage of 152 packages.

This machine is not attached to an Ubuntu Advantage subscription.
See https://ubuntu.com/advantage
tester@lenovo-v130:~$ 

Questions

  1. Why is Extended Maintenance needed for apps in Ubuntu 20.04.x LTS in 2021?

  2. Which are those 10 security updates that need ESM? Is there a link where they are listed?

  3. Where are the 152 packages (that need ESM) listed?

2 Likes

This sounds like a misleading, incorrect message. ESM wouldn’t be needed (or even enabled) until 20.04 is EOL, in 2025. Can you file a bug issuing the following command: ubuntu-bug update-manager-core ?

More info on the packages covered by ESM is available on the following wiki page: SecurityTeam/ESM - Ubuntu Wiki.

4 Likes

Here is the bug report:

Please add heat by clicking on the bug report’s ‘Affects me too’ button (if it affects you).

2 Likes

The bug report was declared invalid, so we are back to where we started :frowning:

So again, which packages in Ubuntu 2021 need ESM to be upgraded during 2021? Until [re]solved, several people are suspecting that there is a security hole here.

2 Likes

The bug report was refused. What to do next?

1 Like

See my last comment on the bug. Julian suggested to continue the conversation here, which sounds reasonable. Note that a lot of people are on holidays now, so don’t expect an answer until the new year.

3 Likes

@oSoMoN, I’m looking forward to cooperating with you after the holiday season …

2 Likes

Just saw this and ran “ubuntu-security-status” on my 20.04.3 system. Seeing the same result so I’m going to follow this thread to see what’s going on.

1 Like

Ubuntu 20.04.3 LTS Focal Fossa Changes August 26, 2021 April 2025 April 2030
ESM will start after April 2025.
All security Updates will be through your regular updates prior to 2025.
The 10 security updates are through your regular updates.
That the 152 packages will need ESM in 2025 is true. For now they are covered through your regular updates until then in 2025.

1 Like

  • I wish, hope and think that you are right - but want it confirmed by an Ubuntu ‘insider’.
  • The text printed by ubuntu-security-status should describe the real situation and be understood by normal end users (many of us are not very good at English, so we need straightforward expressions).

4 Likes

The message is correct insofar as several updates are available in the ESM Apps repository (as you can see yourself by looking at the Packages file). It will start making sense once ESM Apps has been launched. We are investigating some improvements to the messaging.

In the meantime, I hope it suffices to say that there is no accident where regular security updates were pushed in the wrong repository or a reduction in security support for packages: Packages in main get security support, packages in universe and multiverse still do not have support, but may get community contributed security updates.

4 Likes

Hello all,
I sent a patch to the bug that hides the information about ESM-Apps while it is in beta state unless the user has explicitly enabled it.
This matches the behavior that UA Client has about the updates.

Please let me know if it is acceptable, or if there is anything else we can do to help.

3 Likes

Hi, not sure if this is open, but I received a similar message on a server recently updated to 22.04:

$ ubuntu-security-status
1574 packages installed, of which:
1189 receive package updates with LTS until 4/2027
348 could receive security updates with ESM Apps until 4/2032
14 packages are from third parties
23 packages are no longer available for download

Been reading, some ubuntu pro pages go 404, but attached the server with a free for personal use token and still:

$ sudo ua enable esm-apps
One moment, checking your subscription first
This subscription is not entitled to Ubuntu Pro: ESM Apps

All of which I would not care that much about if I was not reminded at every login:

6 additional security updates can be applied with UA Apps: ESM
Learn more about enabling UA Apps: ESM service at https://ubuntu.com/esm

Hello - which version of ubuntu-advantage-tools is installed (ua --version)? Is it installed from -proposed?

I mean, if this is the case (-proposed enabled, ubuntu-advantage-tools is version 27.11~22.04.1) then that’s about it - this version will only hit the archive once everything else is aligned for the services to work (including esm-apps going out of beta, and thus generating proper output for security-status).

By the time that happens, any pages that are 404ing will be there, and your token will be entitled to esm-apps so it will be possible to enable it.

Your first question:

$ ua --version
27.11~22.04.1

Your second thoughts might be true, but I don’t remember doing anything to be using some beta, so a standard user (me?) gets involved in a confusing state …

Yes, you are correct - nothing was done on our side to enforce the beta for any user as well.

However, this version of ubuntu-advantage-tools from -proposed is the one bringing the Service to a non-beta state, thus making it generally available. The thing is that didn’t fully happen yet in the backends - and this version will only hit the archive (and be available to all users) once everything is in place.

Another thing to keep in mind is that we don’t expect standard users to have -proposed enabled. Packages there may be broken or in an inconsistent state, and are mainly available for pre-testing before being officially released - which I see is exactly the case here.

So how did I end up with a “-proposed” version of ua?
Do you have any theory/hypothesis?

Hmmmm, not really.
It is not enabled by default in an Ubuntu installation…
As of Testing/EnableProposed - Ubuntu Wiki, it got in your sources.list somehow.
An uncommented line found via sudo grep -r -n /etc/apt/ -e 'jammy-proposed' may be the culprit.

# grep proposed */*
apt.conf.d/50unattended-upgrades:// "${distro_id}:${distro_codename}-proposed";

I’m positive I have never written “proposed”.
This is a 22.04 upgraded from a clean 20.04 install. I did recover from an upgrade situation with a “something … config -a” because the upgrade stalled.

Should I comment out that line?

Ok, I’m limited to only 3 replies (newbie here) but was saying:
Hmm, stupid me, that line is commented.
But I found another one from focal:

sources.list.save:deb http://archive.ubuntu.com/ubuntu/ focal-proposed main

that may be mutated into:

sources.list:deb http://archive.ubuntu.com/ubuntu/ jammy-proposed main

So I guess I should comment out this one? It might be an upgrade byproduct? Big thanks anyway!

1 Like
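
The check suggested in the thread (look for an uncommented -proposed line under /etc/apt), as an added example that is not part of any post: a shell function that reports only the entries APT would actually use, so a commented line, the sources.list.save backup and the apt.conf.d match from the grep output above are not reported. The function names and the sample tree are constructed for illustration, and it handles one-line .list entries only, not deb822 .sources files.

```shell
#!/bin/sh
# Report APT source entries that actively enable a "-proposed" pocket.
# APT reads <dir>/sources.list and <dir>/sources.list.d/*.list; it does not
# read backups such as sources.list.save or anything under apt.conf.d.
active_proposed_entries() {
    dir=$1
    for f in "$dir/sources.list" "$dir"/sources.list.d/*.list; do
        [ -f "$f" ] || continue
        awk -v file="$f" '
            /^[[:space:]]*#/ { next }          # whole entry commented out
            {
                line = $0
                sub(/#.*/, "", line)           # drop trailing comment
                sub(/\[[^]]*\]/, "", line)     # drop [arch=... signed-by=...]
                n = split(line, fld, " ")
                # one-line format: type uri suite component...
                if (n >= 3 && fld[1] ~ /^deb(-src)?$/ && fld[3] ~ /-proposed$/)
                    print file ":" NR ": " $0
            }' "$f"
    done
}

# Constructed sample tree mirroring the files discussed in the thread.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/sources.list.d" "$t/apt.conf.d"
    printf '%s\n' \
        'deb http://archive.ubuntu.com/ubuntu/ jammy main' \
        '# deb http://archive.ubuntu.com/ubuntu/ jammy-proposed main' \
        'deb http://archive.ubuntu.com/ubuntu/ jammy-proposed main' \
        > "$t/sources.list"
    # Backup file: matched by a recursive grep, never read by APT.
    echo 'deb http://archive.ubuntu.com/ubuntu/ focal-proposed main' \
        > "$t/sources.list.save"
    # unattended-upgrades origin pattern, commented out with //; not a source.
    echo '//  "${distro_id}:${distro_codename}-proposed";' \
        > "$t/apt.conf.d/50unattended-upgrades"
    # Constructed third-party entry with bracketed options, no -proposed.
    echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/example.gpg] https://example.invalid/apt stable main' \
        > "$t/sources.list.d/example.list"
    echo "$t"
}

tree=$(make_sample_tree)
active_proposed_entries "$tree"     # prints only the sources.list:3 entry
rm -rf "$tree"
```

On a real system the same function is called as `active_proposed_entries /etc/apt`; no output means no one-line entry enables a -proposed pocket.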