Background

Switched from ArchLinux to Fedora 41 about 5 months ago, relatively experienced Linux user, but newbie with respect to RPM packages and dnf. I usually do not go for package/system upgrades as soon as they are released for stability reasons.

I do update on a daily basis, but only for bug-fixes and security updates using the below command -

sudo dnf upgrade --offline --assumeyes --refresh --security --bugfix

Questions

1. When F42 was released, it meant that F41 will not receive new updates for certain packages. What packages exactly? For example, I know I’ll not get GNOME 48 on F41, but I am receiving various kernel updates and also updates for other packages. So what is the scope of not receiving updates?

2. I hear that bugfix and security updates are only discovered/found if the package maintainer has tagged the updates as such. So, is that done accurately for all updates? Also, what about packages like the NVIDIA drivers from RPM Fusion? Are updates to those packages correctly/consistently tagged for security/bugfix categories?

Some critical packages are maintained but not upgraded to a new major/breaking version on older Fedora. For example gcc is 14.2 in F41 and 15.1 in f42.

For those packages the process is for there to be a Fedora Change Proposal raised detailing what the benefits and impact is for the change.

I do not know how you would judge that marking bugfix/security is done accurately. Often it’s not clear if a fix is, or is not, a security fix.

I can say that I do not see this being raised as an issue on the developer mailing lists.