EOL warnings on "old stable"

pvps1

pvps1

Renowned Member
Proxmox Subscriber
May 24, 2016
140
40
93
Pettenbach, Upper Austria
proserver1.at
I would like to suggest that on "old stable" (Bullseye, PVE7) there are not "YOU ARE EOL" messages shown on the GUI.
I think it's unneccesary stress between IT and customer to force an update where it's not security relevant.

imo stable and old-stable should be "warning free"

just had an upgrade session for a customer that I really didn't want to upgrade, but "compliance reports, ISMS/SIEM, NIS2, blah..."

jm2c
Peter (a fan of permanent, continous upgrade though, but...)
 
old stable normaly gets all security relevant Updates for at least a year or more.

but thats not the main point.
even if you are a very security affine sysop (and I am) there are reasons or circumstances where you cannot upgrade a virtualization stack in a timeframe given by a 3rd party

eg: 99% of our servers are bookworm (several hundreds) but for the others we have reasons. and no customer (or sysop) gets a nag screen.

we have a life cycle management, we know it :)
 
I feel you, yet it is what it is ...

pvps1 said:
old stable normaly gets all security relevant Updates for at least a year or more.
Click to expand...
Yes, that year ended last month. Proxmox just copied the EOL from Debian to its own product, because Proxmox cannot provide security updates if Debian can't.


pvps1 said:
even if you are a very security affine sysop (and I am) there are reasons or circumstances where you cannot upgrade a virtualization stack in a timeframe given by a 3rd party
Click to expand...
You mean Debian as the 3rd party ;) ?
 
Besides the updates from Debian, most core parts like kernel and QEMU are fully controlled by Proxmox, and those won't get any updates after the EOL date.

So yes, after this date you'll lack updates for all issues, including security fixes, so this very much is security relevant.

The date is communicated over a year before it happens, so anybody that wants to avoid this has enough time to upgrade to a newer version.
And the warning in the web UI is now also using a two-step approach: First, just as info-level for a few weeks and relatively shortly before the actual date it becomes a more flashy warning, so this should not be surprising at all.

And as this thread shows it's clearly a good thing that this exists if it can help to reduce setups that are out of support and might be easy to take over and exploit in a few months after the EOL date.

Even if this time it was certainly extra stress, which I can understand that it's annoying from you, but I hope the next time it won't be as stressful if the system gets upgraded earlier, as PVE 8 will follow a similar pattern and will go end-of-support roughly one year after the future first PVE 9 release.
 
Last edited:
  • Like
Reactions: UdoB and ucholak
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom