Ubuntu 24.04 security patch for Ubuntu Pro only
Mike Kupfer
kupfer at rawbw.com
Wed Mar 11 19:43:26 UTC 2026
nate wrote:
> what makes this mongo-c driver special enough to patch?
I don't know about that package specifically. The FAQ at
https://discourse.ubuntu.com/t/ubuntu-pro-faq/34042 says
Ubuntu Security Team prioritises critical and high CVEs. They will
also tackle selected medium CVEs. For customers with specific
compliance requirements, Canonical allows enterprise customers to
sponsor additional patches up to medium CVEs for a selected subset
of packages and their dependencies.
Canonical doesn’t withhold those commercially “sponsored” security
updates. Over the last several years Canonical secured more and more
Universe Packages via such enterprise customer engagements and
expanded the security team to now cover the full set of packages in
‘Universe’. Therefore, a growing portfolio of security updates is
already available to Ubuntu Pro users.
I just signed up for Pro today and got updates for imagemagick and
emacs-lucid.
> Everything I have read says ESM does nothing(from a security
> standpoint) other than extend the lifetime of LTS.
Based on what I've read, ESM gives you access to additional security
fixes for packages in Universe. You don't have to wait for someone in
the community to apply the fix and respin the package, nor do you have
to track down the fix and build from source.
best regards,
mike
More information about the ubuntu-users
mailing list