Ubuntu 14.04 LTS ‘Trusty Tahr’ transitioned into the ESM support phase at the end of April 2019, and will no longer be supported for users who do not have access to Extended Security Maintenance (ESM) through Ubuntu Advantage for Infrastructure.
Ubuntu long term support (LTS) releases provide a stable, supported platform for development and production, with five years of guaranteed public maintenance available. Once the public Standard Security Maintenance window comes to a close, Ubuntu LTS releases have an additional three to five years of support (depending upon the release) through ESM.
Access to ESM extends LTS release coverage, allowing for continued security fixes for high and critical common vulnerabilities and exposures (CVEs) for the most commonly used packages in the Ubuntu main archive. This access permits organisations with workloads running on Ubuntu LTS releases to maintain compliance standards by providing a secure environment before upgrading can occur.
For users who need access to ESM, or have questions about this service, please refer to the below FAQs. Do not hesitate to get in touch with our team to discuss any additional questions on ESM for Ubuntu 14.04.
How can I access ESM?
If you are a UA Infrastructure customer and need access to the ESM repository, credentials can be found by clicking ‘My Account’ in the profile section of Canonical’s support portal.
If you are not a UA Infrastructure customer and need access to ESM, please get in touch with our team to learn more and enable ESM for your Ubuntu 14.04 systems.
Why do I need ESM?
If you are in a heavily-regulated industry where continued security certifications or the compliance of infrastructure systems is critical to meet regulatory requirements, it is recommended to utilise ESM to maintain the integrity and stability of those systems.
PCI DSS, SOC 2 and GDPR are three examples of certifications and regulations that mandate security patching across several industry sectors.
Additional reasons and industry requirements for ESM include the below:
- Legacy software maintenance – If your organisation is running legacy software that requires older libraries and packages that can not be re-engineered and therefore upgraded
- Hardware requirements – If your organisation has device software built on one version, in HDI or SCADA environments as an example, and are unable to be upgraded until testing can take place, commonly seen with the healthcare industry
- Long-term deployments – If your organisation has long-term deployments, typically common in telecommunications
In the five years that Trusty Tahr has been released, more than 1,300 Ubuntu Security Notices (USNs) have been issued, with a single USN potentially addressing multiple CVEs. Going forward, USNs will continue to be addressed for UA Infrastructure customers through ESM.
Is it time to upgrade?
It is recommended for all users to upgrade to the latest LTS release, Ubuntu 18.04. This release has significantly faster boot times, is built on the 4.15 kernel, was designed for CI/CD with Kubernetes support built in, has mitigations for Spectre and Meltdown and is tuned for machine learning.
There are three easy ways to upgrade your systems –
- Use the GUI by clicking the Software & Updates icon
- Input the below in the command line:
$ sudo do-release-upgrade
- Use the below command using Landscape, the cloud-management platform for Ubuntu machines:
$ sudo apt-get dist-upgrade
For those utilising 14.04 who cannot upgrade, or who are planning to upgrade in the near future, it is recommended to subscribe to ESM through UA Infrastructure for continued access to security patches.
What are the risks without ESM?
Security vulnerabilities that remain unpatched open your infrastructure systems to hackers and the potential of a major breach. Furthermore, security patches are often necessary to meet regulatory requirements commonly found in the finance, healthcare, e-commerce and telco industries.
Subscribing to ESM helps you mitigate the risks, operational costs and potential fines that come from unidentified and unpatched vulnerabilities.
How long will Ubuntu 14.04 LTS be supported through ESM?
Ubuntu 14.04 LTS ‘Trusty Tahr’ will be supported until April 2022 through UA Infrastructure’s ESM service.
Extended Security Maintenance (ESM) for Ubuntu 14.04 Trusty Tahr includes security patches for high and critical vulnerabilities for an additional three years of coverage and is available through an Ubuntu Advantage for Infrastructure subscription. For more information, please visit ubuntu.com/esm and reach out with any questions.