Blog posts tagged "CVE"

14 posts


Lech Sandecki
3 October 2023

Zenbleed vulnerability fix for Ubuntu

Article Cloud and server

On 24 July 2023, security researchers from Google’s Information Security Engineering team disclosed a hardware vulnerability affecting AMD’s Zen 2 family of microprocessors. They dubbed this vulnerability “Zenbleed” (CVE-2023-20593), evoking memories of previous vulnerabilities like HeartBleed and hinting at its...



Canonical
7 March 2023

Canonical joins the Eclipse Foundation’s Software Defined Vehicle working group

Article Ubuntu

Canonical is excited to announce it is now an official member of the Eclipse Software Defined Vehicle Working Group (SDV WG). Eclipse SDV focuses on software-defined vehicles (SDVs) and pushes innovations in automotive-grade solutions using open-source software. By offering an open technology platform, automotive...



Florencia Cabral Berenfus
15 December 2021

Security vulnerabilities on the Data Distribution Service (DDS)

Article Robotics

Learn more about DDS, and how to stay protected while using it. If you are currently running the Robot Operating System 2 (ROS 2), this piece is especially relevant to the security of your robots. A few weeks ago, a group of security researchers reported 13 security vulnerabilities affecting some of the most used...



Lech Sandecki
28 October 2021

Enhance the security of your open-source applications and share feedback

Article Ubuntu

Are you spending time on high-impact, high-value activities, or are you constantly derailed by maintenance, support, and deployment challenges? Does your organisation consume open-source software that needs security patching? Where do you get the security updates from, and how do you track what’s available? Are you...



Gabriel Aguiar Noury
5 October 2021

ROS CVE alert; ensuring security for robotics

Article Robotics

Security for robotics is a priority for ROS developers and crucial for the success of robotics. Open Robotics has registered a CVE that affects ROS Kinetic, Melodic and Noetic. CVE stands for Common Vulnerabilities and Exposures, and it’s an international system that provides a method for publicly sharing information on...



Nikos Mavrogiannopoulos
30 March 2021

What lies on the second phase of Ubuntu LTS? Two years of Ubuntu 14.04 in ESM

Article Security

Two years ago, we launched the Extended Security Maintenance (ESM) phase of Ubuntu 14.04, providing access to CVE patches through an Ubuntu Advantage for Infrastructure free or paid subscription. This phase extended the lifecycle of Ubuntu 14.04 LTS, released in April 2014, to a total of ten years, ending in April 2024....



Alex Murray
29 July 2020

Mitigating BootHole – ‘There’s a hole in the boot’ – CVE-2020-10713 and related vulnerabilities

Article Cloud and server

Responsible disclosure and coordinated response as a benefit to all. Today we released USN-4432-1 announcing updates for a series of vulnerabilities termed BootHole / ‘There’s a hole in the boot’ in GRUB2 (GRand Unified Bootloader version 2) that could allow an attacker to subvert UEFI Secure Boot. The original...



Lech Sandecki
1 April 2020

FIPS 140-2: Stay compliant and secure with Canonical

Article Cloud and server

FIPS 140-2 is a set of publicly announced cryptographic standards developed by the National Institute of Standards and Technology. It is an essential part of FedRAMP requirements for many governmental agencies in the US and Canada, as well as their business partners from all around the world. Furthermore, as a well...



Canonical
5 August 2019

Charmed Kubernetes update for upstream API server vulnerability

Article Cloud and server

An upstream Kubernetes vulnerability (CVE-2019-11247) has been identified where the API server mistakenly allows access to a cluster-scoped custom resource, if the request is made as if the resource were namespaced. Authorisations for the resource accessed in this manner are enforced using roles and role bindings within...



Canonical
7 May 2019

Ubuntu 14.04 LTS has transitioned to ESM support

Article Cloud and server

Extended Security Maintenance (ESM) is now available for Ubuntu 14.04 LTS to provide ongoing security patches for high and critical CVEs for UA Infrastructure customers.



Canonical
9 November 2017

Security Team Weekly Summary: November 9, 2017

Article Cloud and server

The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities. If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: [email protected]...



Canonical
2 November 2017

Security Team Weekly Summary: November 2, 2017

Article Cloud and server

The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities. If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: [email protected]...



Canonical
21 June 2017

Kernel Team Summary: June 22, 2017

Article Cloud and server

This newsletter is to provide a status update from the Ubuntu Kernel Team. There will also be highlights provided for any interesting subjects the team may be working on. If you would like to reach the kernel team, you can find us at the #ubuntu-kernel channel on FreeNode. Alternatively, you can mail the Ubuntu Kernel



Canonical
8 June 2017

Kernel Team Summary- June 8, 2017

Article Cloud and server

Introduction: This newsletter is to provide a status update from the Ubuntu Kernel Team. There will also be highlights provided for any interesting subjects the team may be working on. If you would like to reach the kernel team, you can find us at the #ubuntu-kernel channel on FreeNode. Alternatively, you can mail the Ubuntu
