Bei Debian GNU/Linux werden alle Pakete der jeweils aktuellen Debian-Version sowie der Versionen mit LTS-Unterstützung mit Sicherheitsupdates versorgt und unterstützt.

Ubuntu behaves considerably differently here.

• main - wird vollständig von Canonical mit Sicherheitsupdates unterstützt
• universe - wird von der Community, aber nicht von Canonical bzw. Ubuntu mit Sicherheitsupdates unterstützt
• multiverse - es werden keine Patches und Sicherheitsupdates zur Verfügung gestellt

The problem is even greater regarding support for Ubuntu LTS. According to the website, there are no security updates for universe (the repository from which, for example, many PHP packages are needed) beyond the maximum 9-month basic support period.

• main und restricted - Sicherheitsupdates für 10 Jahre LTS Support

universe und multiverse - keine Sicherheitsupdates über den Basiszeitraum (9 Monate!) hinaus

For the reasons listed above, we develop Benno MailArchiv based on Debian. If it becomes necessary to fix security vulnerabilities in older package versions, the Debian project develops backports of the security fixes. These close vulnerabilities in older versions that are no longer being actively developed but are still included in the supported Debian versions. In this way, the Debian project ensures that all packages in a Debian version are consistently maintained and kept secure.

Furthermore, supporting the Debian-based Ubuntu has occasionally proven somewhat difficult in the past, as Ubuntu has introduced some incompatible changes to Debian. Some of these changes were even reverted after a few versions, leading to unsatisfactory situations. It should also be noted that fundamental new system configuration options introduced by Ubuntu (e.g., netplan) can sometimes surprisingly have the characteristic that (see netplan) not all configuration options of the TCP/IP stack are supported.