Ubuntu’s current LTS version (24.04) contains ffmpeg version 7:6.1.1-3ubuntu5 which has this buffer overflow vulnerability:
https://trac.ffmpeg.org/ticket/10952
https://ubuntu.com/security/CVE-2024-32230
On my only Ubuntu computer, my update widget says that I need to upgrade to ffmpeg version 7:6.1.1-3ubuntu5+esm2 but can only only do so with Ubuntu Pro. I’m not eligible for Ubuntu Pro.
Ubuntu claims that 24.04 is currently fully supported, and should have complete security updates. However, they seem to have paywalled this security update.
What should I do?
deleted by creator
My issue is that I don’t want to have to register for shit like that. If it’s security related, and it’s a free Linux distro (e.g. not RHEL, etc), it is absolutely not appropriate to diminish anonymity in exchange for those updates, or to paywall them.
It’s hardly diminishing your anonymity. There are plenty of services to create an anonymous email account.
This is a very accurate explanation. ☝️
Thanks for the info, I’d seen the pro option but just assumed I didn’t want it, like pretty much everything thing else labelled “pro”.
Since it’s all free software, what gives Ubuntu the privilege to restrict these updates behind paywalls and signups?
Fuck that bullshit. We shouldn’t be encouraging or enabling this behavior at all.
GPL does not restrict you from selling the software, though you can’t stop getting distributed by someone who bought it. Even RMS himself sold Emacs back in the day.
EDIT: I’m not saying it’s justified in moral sense, I think it sucks ass. But it’s not against the license.
Oh god, we know.
Practically speaking though, if anyone can redistribute it for free then it’s available for free.
You don’t seem to understand the difference between free as in freedom and free as in beer that is literally the cornerstone of the free software community.
This comment should be deleted soon
deleted by creator