SUSE upgrades its distros with 19 years of support – no other Linux comes close

I started my career on the SUSE kernel team in 2007. And I used to joke that I maintained Kernel versions that were released before I even started writing kernel code in high school in 2001.<p>It was really exciting and sort of daunting testing and releasing kernels with Ethernet drivers I fixed to European air traffic control and stock exchanges.<p>Anyways. Sort of funny to think maybe code I touched right out of college is still in production and just got a life extension.

Good for them, many companies would want this. Will be interesting to see if it helps the Company. If so, I would expect others would join.

I do wonder about these extended periods of support. Like how many eyes are they spending on comparing vulnerabilities in 18 year old versions of, to pick a random example, libdeflate. Are they backporting security fixes? If someone goes wrong, do they have expertise on how hand or are their customers just going to go bother the upstream maintainer?<p>I&#x27;ve certainly run into users expecting me to make my libraries run on old versions of Python that RHEL supports even if the PSF no longer does. Some of these users don&#x27;t understand that they&#x27;ve paid RHEL for support and they&#x27;ve paid me nothing, so I have no reason to give a toss what Python version RHEL supports in LTS minus 2.

For comparison: Windows Server has 5-10 years of support, and MacOS has 3-5.

<a href="https:&#x2F;&#x2F;www.suse.com&#x2F;lifecycle#suse-linux-enterprise-server-15" rel="nofollow">https:&#x2F;&#x2F;www.suse.com&#x2F;lifecycle#suse-linux-enterprise-server-...</a> is yet to be updated, but it does mention SP7 LTSS ending in 2031 (the article claims SP6 LTSS ending in 2038, which would be quite contradictory). Maybe we will have more clarity once SP6 is officially released.

But 19 years is so far beyond the support period of upstream projects, what happens when a bug is quantum-fuzzed out of 15yo software? Nobody from the project will care, and nobody&#x27;s backporting modern fixes to software <i>that</i> old.<p>It&#x27;s not enough to just apply patches as upstream releases them.<p>Is SUSE really going to take on full maintainership for all the software it redistributes?

Linux distribution support lifecycle is rarely a problem in reality from experience. In fact stability at that level probably hurts you in the long run because the disparity between your old and new world is massive then.<p>What is a problem is <i>quality control</i>. A lot of &quot;stable&quot; Linux distributions are buggy crap which has all sorts of weird problems and they are problems which I&#x27;ve had for 19 years. Also there are problems with <i>stability</i> which is due to people only doing the sexy work like rewriting the desktop environment every 6 months rather than fixing the bugs in it.<p>tl;dr: please concentrate on quality and stability, not longevity.

19 years!!<p>So imagine - you&#x27;re relying on some piece of software released around 2005. 2.6.10 Linux kernel, ext2 (maybe reiserfs?) TLS is called SSL and you&#x27;re good if your DSA key has 512 bits... This essential service your company needs had long been abandoned and <i>all</i> attempts to mitigate the imminent disaster have failed. (Migrate to competitor, revive the code base, run in a VM)<p>... Or some CTO has <i>seriously</i> done a bad job anticipating whatever maintenance necessary over last decade.<p>I appreciate that change is hard sometimes, but maaaan life is so much easier if you upgrade&#x2F;migrate&#x2F;rebuild every now and then with some frequency.