[xubuntu-users] Xubuntu: End-of-life Question

Ralf Mardorf silver.bullet at zoho.com
Mon Apr 8 06:59:55 UTC 2019

>> Is it that the Xubuntu team stops working on 16.04 in April. But,
>> that updates to *Ubuntu* are still available? Can one depend on
>> downloads from Ubuntu's servers for security updates but that
>> Xubuntu bugs will no longer be fixed?


if you take a look at the package search, you'll notice that xfce4 is
from "universe".

"xfce4 (4.12.2) [universe]" - https://packages.ubuntu.com/xenial/xfce4

By mistake I tend to call "Main", "Restricted", "Universe"
and "Multiverse" different repositories. The correct phrase is
"Software in Ubuntu's repository is divided into four categories or
components - main, restricted, universe and multiverse."


[snip] Software in main includes a hand-selected list of applications
that the Ubuntu developers, community and users feel are most
important, and that the Ubuntu security and distribution team are
willing to support. When you install software from the main component,
you are assured that the software will come with security updates and
that commercial technical support is available from Canonical.




[snip] Canonical does not provide a guarantee of regular security
updates for software in the universe component, but will provide these
where they are made available by the community. Users should understand
the risk inherent in using these packages. Popular or well supported
pieces of software will move from universe into main if they are backed
by maintainers willing to meet the standards set by the Ubuntu team.


[snip]" - https://help.ubuntu.com/community/Repositories

IOW since XFCE4 is from "universe" the support provided by community
maintainers could differ from packages maintained by Ubuntu
maintainers, but keep in mind that dependencies are kept consistent and
that XFCE4 depends on packages from "Universe". IOW XFCE4 does benefit
from important security upgrades of packages provided by "Main", too. If
e.g. libc6 gets a security upgrade, it still stays a consistent
dependency of XFCE4, it will not break XFCE4. A security leak more
likely happens for an important dependency of XFCE4, less likely for a
XFCE4 package.

Ubuntu security notices: https://usn.ubuntu.com/


More information about the xubuntu-users mailing list