Blog posts tagged "CVE"


Lech Sandecki
3 October 2023

Zenbleed vulnerability fix for Ubuntu

Cloud and server Article

On 24 July 2023, security researchers from Google’s Information Security Engineering team disclosed a hardware vulnerability affecting AMD’s Zen 2 family of microprocessors. They dubbed this vulnerability “Zenbleed” (CVE-2023-20593), evoking memories of previous vulnerabilities like HeartBleed and hinting at its possible impact. In respon ...


Canonical
7 March 2023

Canonical joins the Eclipse Foundation’s Software Defined Vehicle working group

Ubuntu Article

Canonical is excited to announce it is now an official member of the Eclipse Software Defined Vehicle Working Group (SDV WG). Eclipse SDV focuses on software-defined vehicles (SDVs) and pushes innovations in automotive-grade solutions using open-source software. By offering an open technology platform, automotive companies can use and int ...


Florencia Cabral Berenfus
15 December 2021

Security vulnerabilities on the Data Distribution Service (DDS)

Robotics Article

Learn more about DDS, and how to stay protected while using it. If you are currently running the Robot Operating System 2 (ROS 2), this piece is especially relevant to the security of your robots. A few weeks ago, a group of security researchers reported 13 security vulnerabilities affecting some of the most used implementations ...


Lech Sandecki
28 October 2021

Enhance the security of your open-source applications and share feedback

Ubuntu Article

Are you spending time on high-impact, high-value activities, or are you constantly derailed by maintenance, support, and deployment challenges? Does your organisation consume open-source software that needs security patching? Where do you get the security updates from, and how do you track what’s available? Are you responsible for vulnera ...


Gabriel Aguiar Noury
5 October 2021

ROS CVE alert; ensuring security for robotics

Robotics Article

Security for robotics is a priority for ROS developers and crucial for the success of robotics. Open Robotics has registered a CVE that affects ROS Kinetic, Melodic and Noetic. CVE stands for Common Vulnerabilities and Exposures, and it’s an international system that provides a method for publicly sharing information on cybersecurity vuln ...


Nikos Mavrogiannopoulos
30 March 2021

What lies on the second phase of Ubuntu LTS? Two years of Ubuntu 14.04 in ESM

Security Article

Two years ago, we launched the Extended Security Maintenance (ESM) phase of Ubuntu 14.04, providing access to CVE patches through an Ubuntu Advantage for Infrastructure free or paid subscription. This phase extended the lifecycle of Ubuntu 14.04 LTS, released in April 2014, to a total of ten years, ending in April 2024. During the ESM ...


Alex Murray
29 July 2020

Mitigating BootHole – ‘There’s a hole in the boot’ – CVE-2020-10713 and related vulnerabilities

Cloud and server Article

Responsible disclosure and coordinated response as a benefit to all. Today we released USN-4432-1 announcing updates for a series of vulnerabilities termed BootHole / ‘There’s a hole in the boot’ in GRUB2 (GRand Unified Bootloader version 2) that could allow an attacker to subvert UEFI Secure Boot. The original vulnerability, CVE-2020-1071 ...


Lech Sandecki
1 April 2020

FIPS 140-2: Stay compliant and secure with Canonical

Cloud and server Article

FIPS 140-2 is a set of publicly announced cryptographic standards developed by the National Institute of Standards and Technology. It is an essential part of FedRAMP requirements for many governmental agencies in the US and Canada, as well as their business partners from all around the world. Furthermore, as a well-established and verifie ...


Canonical
5 August 2019

Charmed Kubernetes update for upstream API server vulnerability

Cloud and server Article

An upstream Kubernetes vulnerability (CVE-2019-11247) has been identified where the API server mistakenly allows access to a cluster-scoped custom resource, if the request is made as if the resource were namespaced. Authorisations for the resource accessed in this manner are enforced using roles and role bindings within the namespace. Thi ...


Canonical
7 May 2019

Ubuntu 14.04 LTS has transitioned to ESM support

Cloud and server Article

Extended Security Maintenance (ESM) is now available for Ubuntu 14.04 LTS to provide ongoing security patches for high and critical CVEs for UA Infrastructure customers. ...


Canonical
9 November 2017

Security Team Weekly Summary: November 9, 2017

Cloud and server Article

The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities. If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: [email protected] During the last week ...


Canonical
2 November 2017

Security Team Weekly Summary: November 2, 2017

Cloud and server Article

The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities. If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: [email protected] During the last week ...

