As a PHP developer I ran into backporting sometime ago - back while 
CentOS was still around.

I host with a friend that owns a hosting company. He has been extremely 
reluctant to install anything not in the repository.  I think he was 
looking for stability.

I only use what is in the repository.

To use a package that is not in the repository is an opportunity to get 
things out of sync.

I am running Ubuntu 24.04lts.  It comes with PHP 8.3.  I think PHP is 
not actually 8.3 at this point because the maintainers are constantly 
updating the PHP package with newly released bug fixes, security fixes, 
etc.  The version number will always be 8.3 forever.  This ensures all 
works as designed.

I asked AI about RHEL and BackPorting :

Yes, Red Hat Enterprise Linux (RHEL) does backporting of packages as 
part of its standard update and maintenance process.

What is Backporting?

Backporting refers to the practice of taking a newer version of 
software, typically a security fix or a feature enhancement, and 
adapting it for use on older versions of the software or operating 
system. This allows users to benefit from important updates without 
needing to upgrade to a newer version of the software or system.

How Does Backporting Work in RHEL?

In the context of RHEL, backporting typically involves the following:

     Security Fixes: If a critical security vulnerability is discovered 
in a newer version of a package, the fix is often backported to the 
version of the package in the RHEL version being used. This ensures that 
older, stable versions of RHEL remain secure without having to upgrade 
the entire package or system.

     Bug Fixes: Sometimes, issues in older versions of software may be 
addressed by backporting bug fixes from newer versions.

     Stability Considerations: RHEL prioritizes stability for its 
enterprise customers. While upstream software projects may introduce new 
features in their latest versions, RHEL's focus is on ensuring that 
software on a given RHEL release remains stable. Backporting ensures 
that security and stability are maintained without disrupting the 
enterprise environment with major changes.

Example of Backporting:

Let's say RHEL 8 uses version 3.6 of a package (for example, Apache HTTP 
Server), but a security vulnerability is discovered in version 3.6. The 
newer version of the package (say, version 3.8) includes a fix for this 
issue. Rather than requiring RHEL 8 users to upgrade to version 3.8 of 
Apache, Red Hat may take the relevant security fix from version 3.8 and 
apply it to version 3.6. This process of applying only the fix (without 
upgrading the entire package version) is called backporting.

Benefits of Backporting:

     Security and Stability: Backporting allows Red Hat to maintain the 
security of older software without forcing users to upgrade to a newer 
version, which could potentially introduce compatibility issues or 
disrupt other services.

     Long-Term Support: RHEL releases typically have a long lifecycle (10 
years or more), so backporting helps ensure that users continue to 
receive important updates for many years without having to upgrade to 
new major versions of RHEL.

     Avoiding Disruption: Backporting focuses on applying fixes without 
introducing breaking changes, helping maintain the integrity and 
compatibility of the system.

In summary, backporting in RHEL is a critical feature that helps 
maintain security and stability in older versions of software while 
minimizing the impact on users' systems.

Keith





On 2024-12-09 12:08, Snyder, Alexander J via PLUG-discuss wrote:
> Thank you!  Following that guide I was able to get the packages I
> needed for Python3.12 installed.
> 
> Really appreciate the help!
> 
> --
> Thanks,
> Alex.
> 
> On Mon, Dec 9, 2024 at 9:24 AM Stephen Partington via PLUG-discuss
> <plug-discuss@lists.phxlinux.org> wrote:
> 
>> So installing a PPA under Debian has a few more jumps to it.
>> 
>> 
> https://linuxconfig.org/install-packages-from-an-ubuntu-ppa-on-debian-linux
>> And they appear to have the keys you need listed in that Blog post.
>> 
>> On Sun, Dec 8, 2024 at 4:05 PM Snyder, Alexander J via
>> PLUG-discuss <plug-discuss@lists.phxlinux.org> wrote:
>> 
>>> Have I mentioned how much I vastly dislike Debian?!
>>> 
>>> I think so .... but anyhoo ...
>>> 
>>> I can't seem to install this PPA repository.
>>> 
>>> I'm using a Raspberry Pi 4 with "Raspberry Pi OS" (formerly
>>> Raspian) -- which is secretly Debian Bookwork (Ubuntu 22.04 LTS)
>>> under the covers.
>>> 
>>> I'm trying to install Python3.12 and (apparently) it's not
>>> included in the main OS repositories by default, so after a bunch
>>> of Googling, I found I need a 3rd party repo called "Dead Snakes"
>>> (_because that sounds trustworthy_) ... and while the command
>>> "apt-add-repository" failed on a python error, I was able to add
>>> the line manually in "/etc/apt/sources.list.d/deadsnakes.list" ---
>>> but then I get an error about the key missing ...
>>> 
>>> =====================
>>> --> apt update
>>> Hit:1 http://deb.debian.org/debian bookworm InRelease
>>> Hit:2 http://deb.debian.org/debian-security bookworm-security
>>> InRelease
>>> Hit:3 http://deb.debian.org/debian bookworm-updates InRelease
>>> Hit:4 http://archive.raspberrypi.com/debian bookworm InRelease
>>> Get:5 https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu jammy
>>> InRelease [18.1 kB]
>>> Err:5 https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu jammy
>>> InRelease
>>> The following signatures couldn't be verified because the public
>>> key is not available: NO_PUBKEY BA6932366A755776
>>> Reading package lists... Done
>>> W: GPG error:
>>> https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu jammy
>>> InRelease: The following signatures couldn't be verified because
>>> the public key is not available: NO_PUBKEY BA6932366A755776
>>> E: The repository
>>> 'https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu jammy
>>> InRelease' is not signed.
>>> N: Updating from such a repository can't be done securely, and is
>>> therefore disabled by default.
>>> N: See apt-secure(8) manpage for repository creation and user
>>> configuration details.
>>> ===========================
>>> 
>>> This is the repo URL:
>>> 
>> https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu/dists/jammy/
>>> 
>>> and on that page, I see a GPG file, which I tried (_probably
>>> incorrectly_) to install:
>>> 
>>> curl -fsSL
>>> 
>> 
> https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu/dists/jammy/Release.gpg
>>> | gpg --dearmor -o /usr/share/keyrings/deadsnakes.gpg
>>> 
>>> but then when I do "apt update" I get the error shown above.
>>> 
>>> This is infinitely easier on RedHat ... just sayin'
>>> 
>>> Anyhoo -- I appreciate the help on this.  I would prefer to not
>>> compile Python from source on a Raspberry Pi, as that takes over
>>> an hour to do.
>>> 
>>> --
>>> Thanks,
>>> Alex.
>>> 
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>> 
>> --
>> A mouse trap, placed on top of your alarm clock, will prevent you
>> from rolling over and going back to sleep after you hit the snooze
>> button.
>> 
>> Stephen
>> 
>> ---------------------------------------------------
>> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
> ---------------------------------------------------
> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss