FAQs: Ensuring the ongoing security compliance of Ubuntu

Canonical recently announced that the Ubuntu 12.04 LTS (Long Term Support) period will end on Friday, April 28, 2017.

Following the end-of-life of Ubuntu 12.04 LTS, Canonical is offering Ubuntu 12.04 ESM (Extended Security Maintenance), which provides important security fixes for the kernel and the most essential user space packages in Ubuntu 12.04. Below are several frequently asked questions about what happens when the Ubuntu 12.04 LTS period ends.

If you have any more questions we encourage customers to reach out via Twitter @ubuntu or @dustinkirkland

What CVEs (Common Vulnerabilities and Exposures) will receive patches?

Ubuntu 12.04 ESM is focused on fixing high and critical CVEs. Low and medium updates typically have a mitigation path.

Which hardware platforms are supported under Ubuntu 12.04 ESM?

Currently, we are maintaining the Ubuntu Cloud/Server 64-bit AMD/Intel binaries. We will extend support for other platforms in future updates.

Do all levels of Ubuntu Advantage have access to Ubuntu 12.04 ESM?

Yes. Ubuntu 12.04 ESM is available for UA Virtual Guest, UA Standard and UA Advanced customers. Ubuntu 12.04 ESM is also available to UA Essential customers with a quantity of 100 systems or more. For more information on levels please visit buy.ubuntu.com. If you are a qualifying UA customer, you can request your credentials and have your system ready to receive updates without downtime or gaps.

How can we ensure the security of our Ubuntu 12.04 systems after April 28th?

Sign up to Ubuntu Advantage now, and you will benefit from UA services immediately without having a gap in service when Ubuntu 12.04 goes end-of-life on April, 28th. Ubuntu Advantage is available at buy.ubuntu.com, and or for AWS users, you can purchase Ubuntu Advantage Standard or Advanced through the AWS Marketplace.

How long will Ubuntu 12.04 ESM be maintained?

Ubuntu 12.04 ESM updates will be provided for at least 2 years.

Is it possible to purchase Ubuntu 12.04 ESM months down the road when needed, with or without backdating the cost, or does it need to be in place in advance?

You can purchase UA support any time. It does not need to be in place in advance, although we strongly recommend you eliminate the gap between when Ubuntu 12.04 ESM is enabled on your system(s), to avoid exposing your systems to security vulnerabilities. Ubuntu Advantage is priced year-over-year so there is no backdating.

Any plans to offer Ubuntu 12.04 ESM a la carte without the other features of Advantage?

Yes, in quantities of 1,000 machines or above, at $50/node/year. Contact Canonical Sales.

We’re mirroring the repository on our internal Landscape Server. Is there a guide on how to get Ubuntu 12.04 ESM if using Landscape?

ESM is just a regular Ubuntu archive, but authenticated and served over HTTPS. Archive mirroring is already available in Landscape, and is the only supported mechanism for mirroring the ESM archive.

What will the 12.04 LTS support situation look like from April 29th onward? Will we be able to raise functionality tickets with Canonical or are you ending actual support and providing only security patches?

The support window for Ubuntu 12.04 closes on April 28, 2017. The support team will not be able to fix bugs or build fixed packages once the 12.04 LTS archive is closed.

Will Ubuntu 12.04 ESM include patching my-favorite-package (e.g. PHP5.3)?

Canonical’s Ubuntu Security Team are committed to providing fixes for HIGH and CRITICAL CVEs against the most commonly used server packages in the Ubuntu Main archive. This is essentially a continuation of the same security updates that Ubuntu 12.04 Server users have always received.

Will source code for Ubuntu 12.04 ESM patches be made available? If so, will that be publicly available on Launchpad or only through Ubuntu 12.04 ESM?

Both the binary updates and source code will be available to Ubuntu 12.04 ESM users. We will honour any and all licenses associated with the open source code in Ubuntu.