Your submission was sent successfully! Close

Menu Close menu

Blog posts tagged
"Vulnerabilities"

Henry Coggill
3 November 2023

Meet Cyber Essentials requirements with Ubuntu Pro

Hardening Article

Cyber Essentials is an increasingly important security standard within the UK that allows organisations to demonstrate to their customers that they operate their business in a secure and trustworthy manner. Achieving the Cyber Essentials certification helps businesses win new customers and  stand out amongst their peers. It is a requireme ...

Lech Sandecki
3 October 2023

Zenbleed vulnerability fix for Ubuntu

Cloud and server Article

On 24 July 2023, security researchers from Google’s Information Security Engineering team disclosed a hardware vulnerability affecting AMD’s Zen 2 family of microprocessors. They dubbed this vulnerability “Zenbleed” (CVE-2023-20593), evoking memories of previous vulnerabilities like HeartBleed and hinting at its possible impact. In respon ...

Canonical
16 December 2021

Log4Shell: Log4j remote code execution vulnerability

Security Article

Last updated on 18th January 2022 to include the latest vulnerability updates. A high impact vulnerability was discovered in Apache Log4j 2, a widely deployed software component used by a lot of Java applications to facilitate logging. An attacker who can control the log messages or their parameters can cause the application to execute ar ...

Florencia Cabral Berenfus
15 December 2021

Security vulnerabilities on the Data Distribution Service (DDS)

Robotics Article

Learn more about DDS, and how to stay protected while using it If you are currently running the Robot Operating System 2 (ROS 2), this piece is especially relevant to the security of your robots. A few weeks ago, a group of security researchers reported 13 security vulnerabilities affecting some of the most used implementations ...

Lech Sandecki
28 October 2021

Enhance the security of your open-source applications and share feedback

Ubuntu Article

Are you spending time on high-impact, high-value activities, or are you constantly derailed by maintenance, support, and deployment challenges? Does your organisation consume open-source software that needs security patching? Where do you get the security updates from, and how do you track what’s available? Are you responsible for vulnera ...

Nikos Mavrogiannopoulos
9 July 2021

Linux kernel Livepatching

Cloud and server Article

Ubuntu Livepatch is the service and the software that enables organizations to quickly patch vulnerabilities on the Ubuntu Linux kernels. Livepatch provides uninterrupted service while reducing fire drills during high and critical severity kernel vulnerabilities. It is a complex technology and the details can be confusing, so in this post ...

Nikos Mavrogiannopoulos
30 March 2021

What lies on the second phase of Ubuntu LTS? Two years of Ubuntu 14.04 in ESM

Security Article

Two years ago, we launched the Extended Security Maintenance (ESM) phase of Ubuntu 14.04, providing access to CVE patches through an Ubuntu Advantage for Infrastructure free or paid subscription. This phase extended the lifecycle of Ubuntu 14.04 LTS, released in April 2014, to a total of ten years, ending in April 2024. During the ESM ...

Canonical
24 November 2020

Canonical publishes LTS Docker Image Portfolio on Docker Hub

Canonical announcements Article

Ten year maintenance commitment on app images provides secure cloud software supply chain November 24th 2020: Canonical has published the LTS Docker Image Portfolio, a curated set of secure container application images, on Docker Hub. The LTS Docker Image Portfolio comes with up to ten years Extended Security Maintenance by Canonical. “LT ...

Canonical
7 May 2019

Ubuntu 14.04 LTS has transitioned to ESM support

Cloud and server Article

Extended Security Maintenance (ESM) is now available for Ubuntu 14.04 LTS to provide ongoing security patches for high and critical CVEs for UA Infrastructure customers. ...

Canonical
14 August 2018

Ubuntu updates for L1 Terminal Fault vulnerabilities

Canonical announcements Article

Today Intel announced a new side channel vulnerability known as L1 Terminal Fault. Raoul Strackx, Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, and researchers from Intel discovered that memory present in the L1 data cache of an Intel CPU core may ...

Canonical
16 November 2017

Security Team Weekly Summary: November 16, 2017

Cloud and server Article

  The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities. If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: ubuntu-hardened@lists.ubuntu.com During the last we ...