Ubuntu’s current LTS version (24.04) contains ffmpeg version 7:6.1.1-3ubuntu5 which has this buffer overflow vulnerability:
https://trac.ffmpeg.org/ticket/10952
https://ubuntu.com/security/CVE-2024-32230
On my only Ubuntu computer, my update widget says that I need to upgrade to ffmpeg version 7:6.1.1-3ubuntu5+esm2 but can only only do so with Ubuntu Pro. I’m not eligible for Ubuntu Pro.
Ubuntu claims that 24.04 is currently fully supported, and should have complete security updates. However, they seem to have paywalled this security update.
What should I do?
Those who are against it probably would just move away from Ubuntu. For those who aren’t, I don’t see why they shouldn’t register for Ubuntu Pro. It’s not in the spirit of the free software ecosystem, but not everyone needs to have the same level of commitment to free software.
IMO, hearing about Ubuntu Pro reinforces my decision to stick to Ubuntu derivatives like Mint, and it’s making me consider trying options like LMDE or straight up Debian.