If you see this:
The following security updates require Ubuntu Pro with 'esm-infra' enabled:In short, it is telling you that the Ubuntu Core team has:
- patched versions of packages with known vulnerabilities
- made those improvements available for their Pro users/customers
If your Ubuntu machines are critical infrastructure for you, you should consider signing up for Ubuntu Pro.
If not, I think that makes it the perfect type of package update to “divert”:
File diversions are a way of forcing dpkg(1) not to install a file into its location, but to a diverted location. Diversions can be used through the Debian package scripts to move a file away when it causes a conflict. System administrators can also use it to override some package’s configuration file, or whenever some files (which aren’t marked as “conffiles”) need to be preserved by dpkg, when installing a newer version of a package which contains those files.
https://www.man7.org/linux/man-pages/man1/dpkg-divert.1.html
There are different ways to accomplish this, but I did it like this:
sudo dpkg-divert --divert /etc/apt/apt.conf.d/20apt-esm-hook.conf.bak --rename --local /etc/apt/apt.conf.d/20apt-esm-hook.confThis ultimately results in not receiving the most-fast security update benefits from Ubuntu Pro, but you aren’t any less secure than you would’ve normally been before Ubuntu Pro existed – we all still qualify for & receive the same old updates from the same old original package maintainers like before.