After upgrading to Focal, I noticed that kernel updates show up in the GUI under "other updates" instead of "security updates". This can lead to delayed notification of critical security fixes, as these updates usually include CVE mitigations.
Screenshot of GUI update notification with kernel update under "other updates"
apt list --upgradable
seems to suggest that these updates are no longer part of the focal-security
repository? Why? Can this be worked around by configuration, to restore the previous behavior?
~$ apt list --upgradable
Listing... Done
firefox-locale-de/focal-updates,focal-security 112.0.2+build1-0ubuntu0.20.04.1 amd64 [upgradable from: 112.0.1+build1-0ubuntu0.20.04.1]
firefox-locale-en/focal-updates,focal-security 112.0.2+build1-0ubuntu0.20.04.1 amd64 [upgradable from: 112.0.1+build1-0ubuntu0.20.04.1]
firefox/focal-updates,focal-security 112.0.2+build1-0ubuntu0.20.04.1 amd64 [upgradable from: 112.0.1+build1-0ubuntu0.20.04.1]
linux-generic/focal-updates 5.4.0.148.146 amd64 [upgradable from: 5.4.0.147.145]
linux-headers-generic/focal-updates 5.4.0.148.146 amd64 [upgradable from: 5.4.0.147.145]
linux-image-generic/focal-updates 5.4.0.148.146 amd64 [upgradable from: 5.4.0.147.145]
linux-libc-dev/focal-updates 5.4.0-148.165 amd64 [upgradable from: 5.4.0-147.164]
tzdata/focal-updates,focal-updates 2023c-0ubuntu0.20.04.1 all [upgradable from: 2023c-0ubuntu0.20.04.0]
~$ cat /etc/apt/sources.list
###### Ubuntu Main Repos
deb http://de.archive.ubuntu.com/ubuntu focal main restricted universe multiverse
###### Ubuntu Update Repos
deb http://de.archive.ubuntu.com/ubuntu focal-updates main restricted universe multiverse
deb http://de.archive.ubuntu.com/ubuntu focal-security main restricted universe multiverse
###### Ubuntu Partner Repo
deb http://archive.canonical.com/ubuntu focal partner
/etc/update-manager$ grep -r . *
meta-release:[METARELEASE]
meta-release:URI = https://changelogs.ubuntu.com/meta-release
meta-release:URI_LTS = https://changelogs.ubuntu.com/meta-release-lts
meta-release:URI_UNSTABLE_POSTFIX = -development
meta-release:URI_PROPOSED_POSTFIX = -proposed
release-upgrades:[DEFAULT]
release-upgrades:Prompt=lts
release-upgrades.d/ubuntu-advantage-upgrades.cfg:[Sources]
release-upgrades.d/ubuntu-advantage-upgrades.cfg:Pockets=security,updates,proposed,backports,infra-security,infra-updates,apps-security,apps-updates
release-upgrades.d/ubuntu-advantage-upgrades.cfg:[Distro]
release-upgrades.d/ubuntu-advantage-upgrades.cfg:PostInstallScripts=./xorg_fix_proprietary.py, /usr/lib/ubuntu-advantage/upgrade_lts_contract.py
release-upgrades.d/allow-third-party.cfg:[Sources]
release-upgrades.d/allow-third-party.cfg:AllowThirdParty = yes