I think there's a strong argument to be made that not supporting SNI is a security problem, and will become quite a serious one over the next few years.
SNI is fait accompli. It will be adopted. It is being adopted. Without support for it, a rapidly growing number of sites will not be securely accessible, and effective regressions like the one you experienced will be encountered more and more frequently.
And in an age where interconnected systems are the default assumption and those systems change fast, I don't think it's realistic to adhere to an overly strict policy about what updates can be brought in during extended support cycles. I think Red Hat recognized this a while back. Canonical probably needs to.
SNI is fait accompli. It will be adopted. It is being adopted. Without support for it, a rapidly growing number of sites will not be securely accessible, and effective regressions like the one you experienced will be encountered more and more frequently.
And in an age where interconnected systems are the default assumption and those systems change fast, I don't think it's realistic to adhere to an overly strict policy about what updates can be brought in during extended support cycles. I think Red Hat recognized this a while back. Canonical probably needs to.