Some readers might remember that, when I discussed the CVE-2021-32563 vulnerability in Thunar, I complained that Sean Davis (aka Bluesabre or bluesabredavis), who is both the Xubuntu Technical Lead and an Xfce Core Developer, was absolutely unaware of anything and everything. This guy claimed (those tweets have been deleted meanwhile) that “without a bug report, fixes don’t happen” and that he eventually filed the bug on Launchpad. To that, I replied: “It’s still a mystery how package & distro maintainers function nowadays. As a simple user, I was subscribed to many mailing lists 15 years ago. I expect an XFCE fan/lover/pkg maintainer to do at least that. Are you using Thunar? Never bothered to learn about its updates? Really?”

Fixes were made available even before the CVE was published on May 11, 2021, but what did Ubuntu do? Or Xubuntu’s maintainer, for that matter? Ubuntu got the fix “backported to Thunar 1.8.17 for Xfce 4.14”—but Xubuntu 20.04 LTS never got Thunar 1.8.17! The highest it received was 1.8.14, which was vulnerable! Users remained exposed unless using PPAs or building from source. This is how little they cared about an LTS release. (Yeah, even if Thunar belonged to universe, I know that.)

Sean Davis was uncompetent and is incompetent. (He’s not the only incompetent distro maintainer. Clement “Clem” Lefebvre is incompetent in managing Linux Mint. MATE’s team, which is also Ubuntu MATE’s team, is so retarded that it released MATE 1.28 on February 27, 2024, in a way that made it impossible to integrate in Debian and Ubuntu. It’s still not there. Add to this the appalling quality of the Linux kernel, summarized here, with more details here, and you’ll find that trusting Linux is absurd.)

Here’s a fresh proof of the utter incompetence of how Xubuntu is (mis)managed.

DistroWatch: Xubuntu react to attack on their download page:

The Xubuntu project suffered from an attack this weekend which some users reported caused the download link for Xubuntu 25.10 to redirect to an archive containing Windows malware. The Xubuntu project has since taken down the link and redirected their download page to point to the Xubuntu front page. At the time of writing the project has not posted about the incident on their blog or website.

Indeed, xubuntu.org now has a Download button that doesn’t do anything: it goes to xubuntu.org/getxubuntu, but that page currently redirects back to xubuntu.org.

I don’t know what the fuck contained the “getxubuntu” page, but the proper fix would have been to replace that single button with two buttons, as follows:

Alternatively, if that fucking Download button was meant to remain unique, it could have been made to point to https://cdimages.ubuntu.com/xubuntu/releases/

Every Ubuntu maintainer who’s not completely retarded should know that all supported Ubuntu flavors are hosted on cdimages.ubuntu.com and that releases are to be found as follows:

But they are retarded, aren’t they?

Everything is beyond pathetic in Linux. 30+ years for nothing!

They can’t even make a 1-minute quick fix to allow people who don’t want to upgrade to Windows 11 to get an ISO of Xubuntu!