Categoría: Security

Mitigating BootHole – ‘There’s a hole in the boot’ – CVE-2020-10713 and related vulnerabilities

Responsible disclosure and coordinated response as a benefit to all Today we released USN-4432-1 announcing updates for a series of vulnerabilities termed BootHole / ‘There’s a hole in the boot’ in GRUB2 (GRand Unified Bootloader version 2) that could allow an attacker to subvert UEFI Secure Boot. The original vulnerability, CVE-2020-10713, which is a high […]

ROS Security Benchmark open for public comment

We’re pleased to announce that the Center for Internet Security (CIS) has publicly released the ROS Security Benchmark for community discussion. When published, this benchmark will document community best-practice configuration settings to properly secure ROS Melodic running on Ubuntu Bionic. Hopefully this is just the beginning of an ongoing effort to define different security profiles […]

FIPS certification for Ubuntu 18.04 LTS

Canonical has received FIPS 140-2, Level 1 certification for cryptographic modules in Ubuntu 18.04 LTS, with FIPS-validated OpenSSL-1.1.1. modules included. This certification enables organisations to meet compliance requirements within the public sector, healthcare and finance industries when utilising Ubuntu 18.04 LTS within public and private cloud environments. Canonical worked with U.S. Government and BSI accredited […]