I understand Rocky Linux 8.10 is in ‘Maintenance Mode’ for the next 5 years, I am trying to understand what that means from a Security patching perspective.
Does this limit the vulnerabilities that are patched
Does Rocky mirror the RH8 policy.
How quickly are Rocky patches released once RH make them available.
Thanks, as always !
Info on when updates are released is explained on the website. 24-48 hours best effort after RH releasing them.
Maintenance is no different for Rocky than it is on RHEL. Fixes are made, new functionality is not. Whilst RH has an extended paid offering for providing updates for a certain amount of time after the EOL, Rocky does not.
That’s up to Red Hat to decide. We simply follow our upstream in this regard. In very, very rare cases, SIG/Security may provide security patches or changes that Red Hat does not ship.
Everything is explained at our wiki. See here.
