What is the definition of a "standard security update"? What other classifications are possible?

apt updates 20.04

Since recently upgrading to 20.04 I see informational messages after running apt update similar to

46 upgraded, 5 newly installed, 0 to remove and 0 not upgraded.
31 standard security updates

Googling has failed to turn up the definition of the phrase standard security update. What is it? And, are there non-standard security updates? What possibilities are there?


Solution 1:

Seems to a part of ubuntu-advantage-tools to distinguish between freely available security updates (standard) and ESM (paid, later, actual for 16.04 LTS).

May be removed by removing special UA hook by

sudo rm /etc/apt/apt.conf.d/20apt-esm-hook.conf

Above will transform

42 upgraded, 5 newly installed, 0 to remove and 0 not upgraded.
29 standard security updates

to normal traditional behaviour

42 upgraded, 5 newly installed, 0 to remove and 0 not upgraded.

All this UA ESM stuff on supported Ubuntu versions smells like big BUY word with capital letters.
I found this unacceptable. Especially the viral behavior of UA:

$ sudo apt autopurge ubuntu-advantage-tools
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages will be REMOVED:
 distro-info* python3-debconf* ubuntu-advantage-tools* ubuntu-mate-core* ubuntu-mate-desktop* ubuntu-minimal* ubuntu-release-upgrader-core*
 ubuntu-release-upgrader-gtk* update-manager* update-manager-core* update-notifier* update-notifier-common*
0 upgraded, 0 newly installed, 12 to remove and 41 not upgraded.
After this operation, 6 687 kB disk space will be freed.
Do you want to continue? [Y/n] n
Abort.

I have reported a bug 1950692 about ubuntu-advantage-tools "integration".

Clues:

  • http://changelogs.ubuntu.com/changelogs/pool/main/u/update-notifier/update-notifier_3.192.30.9/changelog :

    update-notifier (3.192.30.7) focal; urgency=medium

    • data/apt_check.py:
      ...
      • Make distinction between standard security updates and ESM updates when performing package counts. (LP: #1926208)

  • https://git.launchpad.net/update-notifier/tree/data/apt_check.py#n254

  • https://github.com/canonical/ubuntu-advantage-client/blob/0e971e09ca30f21d581c0e8273579e892d198920/features/attach_validtoken.feature#L95

Solution 2:

You're right about standard security updates. Those are delivered in the Ubuntu Main respository for the initial 5 years of any Ubuntu LTS release. For example, Ubuntu 20.04 LTS benefits from it until 2025.

The ESM security updates are indeed in a different category - they go beyond standard security updates. The access requires a subscription, but it doesn't necessarily mean that you will have to pay anything. Anyone can get a free subscription for personal use.

To subscribe: https://ubuntu.com/advantage To learn more: https://www.omgubuntu.co.uk/2021/09/ubuntu-16-04-security-updates-esm-for-free

Full disclosure, I am a product manager at Canonical.

Related

Run simple X11 app in docker container on Ubuntu 20.04
Transition- Convert Ubuntu 16.04 to Lubuntu 18.10(without internet)
Telegram 2.1.7 launcher icon not showing up ubuntu 20.04
locale-gen doesn't work
ls command not working in Ubuntu 18.04
Copy and paste not working in ubuntu in VirtualBox 6.1.2
Laptop Screen Black After Suspend
What happens with changed config files when unattended-upgrades runs
curl dynamic linking problem in 21.10
Ubuntu 20.04 - Curl: symbol lookup error
Move to folder without using "exec"
Positive Number to Negative Number in JavaScript?