Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

  1. Blog
  2. Article

Dustin Kirkland
on 11 April 2017

FAQs: Ensuring the ongoing security compliance of Ubuntu


Canonical recently announced that the Ubuntu 12.04 LTS (Long Term Support) period will end on Friday, April 28, 2017.

Following the end-of-life of Ubuntu 12.04 LTS, Canonical is offering Ubuntu 12.04 ESM (Extended Security Maintenance), which provides important security fixes for the kernel and the most essential user space packages in Ubuntu 12.04. Below are several frequently asked questions about what happens when the Ubuntu 12.04 LTS period ends.

If you have any more questions we encourage customers to reach out via Twitter @ubuntu or @dustinkirkland

What CVEs (Common Vulnerabilities and Exposures) will receive patches?

Ubuntu 12.04 ESM is focused on fixing high and critical CVEs. Low and medium updates typically have a mitigation path.

Which hardware platforms are supported under Ubuntu 12.04 ESM?

Currently, we are maintaining the Ubuntu Cloud/Server 64-bit AMD/Intel binaries. We will extend support for other platforms in future updates.

Do all levels of Ubuntu Advantage have access to Ubuntu 12.04 ESM?

Yes. Ubuntu 12.04 ESM is available for UA Virtual Guest, UA Standard and UA Advanced customers. Ubuntu 12.04 ESM is also available to UA Essential customers with a quantity of 100 systems or more. For more information on levels please visit buy.ubuntu.com. If you are a qualifying UA customer, you can request your credentials and have your system ready to receive updates without downtime or gaps.

How can we ensure the security of our Ubuntu 12.04 systems after April 28th?

Sign up to Ubuntu Advantage now, and you will benefit from UA services immediately without having a gap in service when Ubuntu 12.04 goes end-of-life on April, 28th. Ubuntu Advantage is available at buy.ubuntu.com, and or for AWS users, you can purchase Ubuntu Advantage Standard or Advanced through the AWS Marketplace.

How long will Ubuntu 12.04 ESM be maintained?

Ubuntu 12.04 ESM updates will be provided for at least 2 years.

Is it possible to purchase Ubuntu 12.04 ESM months down the road when needed, with or without backdating the cost, or does it need to be in place in advance?

You can purchase UA support any time. It does not need to be in place in advance, although we strongly recommend you eliminate the gap between when Ubuntu 12.04 ESM is enabled on your system(s), to avoid exposing your systems to security vulnerabilities. Ubuntu Advantage is priced year-over-year so there is no backdating.

Any plans to offer Ubuntu 12.04 ESM a la carte without the other features of Advantage?

Yes, in quantities of 1,000 machines or above, at $50/node/year. Contact Canonical Sales.

We’re mirroring the repository on our internal Landscape Server. Is there a guide on how to get Ubuntu 12.04 ESM if using Landscape?

ESM is just a regular Ubuntu archive, but authenticated and served over HTTPS. Archive mirroring is already available in Landscape, and is the only supported mechanism for mirroring the ESM archive.

What will the 12.04 LTS support situation look like from April 29th onward? Will we be able to raise functionality tickets with Canonical or are you ending actual support and providing only security patches?

The support window for Ubuntu 12.04 closes on April 28, 2017. The support team will not be able to fix bugs or build fixed packages once the 12.04 LTS archive is closed.

Will Ubuntu 12.04 ESM include patching my-favorite-package (e.g. PHP5.3)?

Canonical’s Ubuntu Security Team are committed to providing fixes for HIGH and CRITICAL CVEs against the most commonly used server packages in the Ubuntu Main archive. This is essentially a continuation of the same security updates that Ubuntu 12.04 Server users have always received.

Will source code for Ubuntu 12.04 ESM patches be made available? If so, will that be publicly available on Launchpad or only through Ubuntu 12.04 ESM?

Both the binary updates and source code will be available to Ubuntu 12.04 ESM users. We will honour any and all licenses associated with the open source code in Ubuntu.

Related posts


Canonical
4 December 2024

Canonical announces Ubuntu Security Research Alliance Program 

Canonical announcements Article

Today, Canonical, the publisher of Ubuntu, announced its new Ubuntu Security Research Alliance Program, a free partnership between Canonical and open source vulnerability scanning organizations. The goal is to ensure vulnerability data is more transparent and standardized, while improving on-platform security for Ubuntu users through more ...


eslerm
19 November 2024

Needrestart local privilege escalation vulnerability fixes available

Ubuntu Article

Qualys discovered vulnerabilities which allow a local attacker to gain root privileges in the needrestart package (CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, and CVE-2024-11003) and a related issue in libmodule-scandeps-perl (CVE-2024-10224). The vulnerabilities affect Debian, Ubuntu and other Linux distributions. Canonical’s securit ...


Luci Stanescu
28 October 2024

Imagining the future of Cybersecurity

Ubuntu Security

October 2024 marks the 20th anniversary of Ubuntu. The cybersecurity landscape has significantly shifted since 2004. If you have been following the Ubuntu Security Team’s special three-part series podcast that we put out to mark Cybersecurity Awareness Month, you will have listened to us talk about significant moments that have shaped the ...