On Linux you can install radare2 in many ways:

- take the .deb files from github’s release page
- use the rpm spec for fedora/redhat/..
- use snap or flatpak packages
- build from source (make or meson), yes, i maintain both build systems, in your home or system wide
- use r2env to switch between many versions

For dockers and ci jobs i usually take the deb

I can’t really compare how much faster, safer and reliable is r2-6.1 against Ubuntu’s 5.5.

The story about why Debian not packaging r2 is complex and long (several maintainers disappeared without notice).

They decided to remove the package after me rejecting to backport fixes for a 4 year old copy of the project to address some CVEs. CVEs usually are a 5% of the real issues for projects like this, just git log|grep crash for a full list.

I refuse to maintain abandoned software that’s not even distributed in its pure source form. Debian ships custom patches that are never reported upstream.

Ubuntu keeps shipping a the last version packaged by Debian, for an unknown reason. Almost no modern plugins like r2ghidra will work.

I have good conversations with Debian maintainers and their release cicle won’t fit what r2 users would need. We move fast, debian expects stability over time, both approaches are fine but unfortunately incompatible.

I did huge advances in r2 about perforance, stability, code quality and security. But its a huge codebase and two hands and two eyes can’t do as much as I wished, so still, after 20 years I recommend everyone to use r2 from git if possible