Ubuntu Pro is a subscription offering for Ubuntu users who want to pay for the assurance of getting quick and high-quality security updates for Ubuntu. I tested it out to see how it works in practice, and to evaluate how well it works as a commercial open source service model for Linux.\n
Ubuntu Pro gives you 5 more years of security updates for versions that are EoL. You can see it here if you scroll down to the maintenance schedule https://ubuntu.com/security/esm
Glad to hear it’s extended maintenance for old software and not making their private users less secure.
Unfortunately, it’s both. They also hold back security updates for non-latest releases that are still covered under Standard support. I work in an environment where we track new CVEs for our builds, and we constantly see vulnerabilities for 22.04 that are fixed in Pro but not made available otherwise.
Sure, technically you can opt into Pro as an individual user without paying, but it puts everyone who uses off the shelf installs and containers at risk and is therefore an immoral and unethical process in my opinion.
What about 25.10?
I take it your build is dependant on the community-maintained Universe repo?
https://ubuntu.com/security/cves/about#security
https://help.ubuntu.com/community/Repositories/Ubuntu
https://askubuntu.com/questions/1452497/what-are-esm-apps-and-how-do-they-relate-to-ubuntu-pro
If they already to the work for esm-apps repo then they could at least send those fixes over to the universe repo until the release version is EoL one would think. On the other hand I have no idea what lives in universe and what lives in main.
That was a rabbit hole.