We’re using AlmaLinux heavily in our production in AWS and looking to understand security patching process of the AlmaLinux AMIs. As per Release Notes | AlmaLinux Wiki, we understand any minor version release makes the previous release as EOL.
However, this part is “Version 9 will have active support until 31 May 2027, and security support until 31 May 2032.” is confusing and would like to ask for clarification here.
Suppose if we’re on 9.5 which is already EOL as of writing this with the release of 9.6 does it mean 9.5 will no longer get any security patches? so there won’t be any 9.5.x AMI available to use?
For each point update Red Hat forks a branch, makes the release from it and adds bug/security fixes (by backporting) into the branch (and releases updated packages).
Up to release of next point update the source code of the current branch is somewhat available (the dark blue in the lifecycle picture). The source code for “Extended Update Support” packages is not, nor has ever been available.
Since there are no publicly available sources for updates to point release after next point release becomes generally available, actors like AlmaLinux cannot feasibly provide equivalent packages, and are thus able to support only the current point update.
The difference between “active” and “security” support is that the active support adds new features as new point updates, while the security support is merely necessary fixes for the last released point update of AlmaLinux 9 – the 9.10.
