>> Is it that the Xubuntu team stops working on 16.04 in April. But, >> that updates to *Ubuntu* are still available? Can one depend on >> downloads from Ubuntu's servers for security updates but that >> Xubuntu bugs will no longer be fixed?
Hi, if you take a look at the package search, you'll notice that xfce4 is from "universe". "xfce4 (4.12.2) [universe]" - https://packages.ubuntu.com/xenial/xfce4 By mistake I tend to call "Main", "Restricted", "Universe" and "Multiverse" different repositories. The correct phrase is "Software in Ubuntu's repository is divided into four categories or components - main, restricted, universe and multiverse." "Main [snip] Software in main includes a hand-selected list of applications that the Ubuntu developers, community and users feel are most important, and that the Ubuntu security and distribution team are willing to support. When you install software from the main component, you are assured that the software will come with security updates and that commercial technical support is available from Canonical. Restricted [snip] Universe [snip] Canonical does not provide a guarantee of regular security updates for software in the universe component, but will provide these where they are made available by the community. Users should understand the risk inherent in using these packages. Popular or well supported pieces of software will move from universe into main if they are backed by maintainers willing to meet the standards set by the Ubuntu team. Multiverse [snip]" - https://help.ubuntu.com/community/Repositories IOW since XFCE4 is from "universe" the support provided by community maintainers could differ from packages maintained by Ubuntu maintainers, but keep in mind that dependencies are kept consistent and that XFCE4 depends on packages from "Universe". IOW XFCE4 does benefit from important security upgrades of packages provided by "Main", too. If e.g. libc6 gets a security upgrade, it still stays a consistent dependency of XFCE4, it will not break XFCE4. A security leak more likely happens for an important dependency of XFCE4, less likely for a XFCE4 package. Ubuntu security notices: https://usn.ubuntu.com/ Regards, Ralf -- xubuntu-users mailing list xubuntu-users@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xubuntu-users