FAQs: Ensuring the ongoing security compliance of Ubuntu

Dustin Kirkland

Dustin Kirkland

on 11 April 2017

Canonical recently announced that the Ubuntu 12.04 LTS (Long Term Support) period will end on Friday, April 28, 2017.

Following the end-of-life of Ubuntu 12.04 LTS, Canonical is offering Ubuntu 12.04 ESM (Extended Security Maintenance), which provides important security fixes for the kernel and the most essential user space packages in Ubuntu 12.04. Below are several frequently asked questions about what happens when the Ubuntu 12.04 LTS period ends.

If you have any more questions we encourage customers to reach out via Twitter @ubuntu or @dustinkirkland

What CVEs (Common Vulnerabilities and Exposures) will receive patches?

Ubuntu 12.04 ESM is focused on fixing high and critical CVEs. Low and medium updates typically have a mitigation path.

Which hardware platforms are supported under Ubuntu 12.04 ESM?

Currently, we are maintaining the Ubuntu Cloud/Server 64-bit AMD/Intel binaries. We will extend support for other platforms in future updates.

Do all levels of Ubuntu Advantage have access to Ubuntu 12.04 ESM?

Yes. Ubuntu 12.04 ESM is available for UA Virtual Guest, UA Standard and UA Advanced customers. Ubuntu 12.04 ESM is also available to UA Essential customers with a quantity of 100 systems or more. For more information on levels please visit buy.ubuntu.com. If you are a qualifying UA customer, you can request your credentials and have your system ready to receive updates without downtime or gaps.

How can we ensure the security of our Ubuntu 12.04 systems after April 28th?

Sign up to Ubuntu Advantage now, and you will benefit from UA services immediately without having a gap in service when Ubuntu 12.04 goes end-of-life on April, 28th. Ubuntu Advantage is available at buy.ubuntu.com, and or for AWS users, you can purchase Ubuntu Advantage Standard or Advanced through the AWS Marketplace.

How long will Ubuntu 12.04 ESM be maintained?

Ubuntu 12.04 ESM updates will be provided for at least 2 years.

Is it possible to purchase Ubuntu 12.04 ESM months down the road when needed, with or without backdating the cost, or does it need to be in place in advance?

You can purchase UA support any time. It does not need to be in place in advance, although we strongly recommend you eliminate the gap between when Ubuntu 12.04 ESM is enabled on your system(s), to avoid exposing your systems to security vulnerabilities. Ubuntu Advantage is priced year-over-year so there is no backdating.

Any plans to offer Ubuntu 12.04 ESM a la carte without the other features of Advantage?

Yes, in quantities of 1,000 machines or above, at $50/node/year. Contact Canonical Sales.

We’re mirroring the repository on our internal Landscape Server. Is there a guide on how to get Ubuntu 12.04 ESM if using Landscape?

ESM is just a regular Ubuntu archive, but authenticated and served over HTTPS. Archive mirroring is already available in Landscape, and is the only supported mechanism for mirroring the ESM archive.

What will the 12.04 LTS support situation look like from April 29th onward? Will we be able to raise functionality tickets with Canonical or are you ending actual support and providing only security patches?

The support window for Ubuntu 12.04 closes on April 28, 2017. The support team will not be able to fix bugs or build fixed packages once the 12.04 LTS archive is closed.

Will Ubuntu 12.04 ESM include patching my-favorite-package (e.g. PHP5.3)?

Canonical’s Ubuntu Security Team are committed to providing fixes for HIGH and CRITICAL CVEs against the most commonly used server packages in the Ubuntu Main archive. This is essentially a continuation of the same security updates that Ubuntu 12.04 Server users have always received.

Will source code for Ubuntu 12.04 ESM patches be made available? If so, will that be publicly available on Launchpad or only through Ubuntu 12.04 ESM?

Both the binary updates and source code will be available to Ubuntu 12.04 ESM users. We will honour any and all licenses associated with the open source code in Ubuntu.

Talk to us today

Interested in running Ubuntu Desktop in your organisation?

Newsletter signup

Select topics you’re interested in

In submitting this form, I confirm that I have read and agree to Canonical’s Privacy Notice and Privacy Policy.

Related posts

Ubuntu Updates for the Meltdown / Spectre Vulnerabilities

  For up-to-date patch, package, and USN links, please refer to: https://wiki.ubuntu.com/Securi...   Unfortunately, you’ve probably already read about one of the most widespread security issues…

Webinar: How to ensure the ongoing security compliance of Ubuntu 12.04

Many enterprises still run Ubuntu 12.04 LTS but updates will end soon. Ubuntu 12.04 LTS users are encouraged to upgrade to 14.04 LTS or 16.04 LTS. For some this is easy but for others, particularly for larger deployments, upgrading can be…

Introducing Ubuntu 12.04 ESM (Extended Security Maintenance)

  Canonical announced the Ubuntu 12.04 LTS (Precise Pangolin) release almost 5 years ago, on April 26, 2012. As with all LTS releases, Canonical has provided ongoing security patches and bug fixes for a period of 5 years. The Ubuntu…