ESB-2018.0229 - [Ubuntu] Ubuntu 17.04 (Zesty Zapus): Reduced security - Unknown/unspecified 2018-01-23

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.0229
    Ubuntu 17.04 (Zesty Zapus) End of Life reached on January 13, 2018
                              23 January 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Ubuntu 17.04 (Zesty Zapus)
Publisher:         Ubuntu
Operating System:  Ubuntu
Impact/Access:     Reduced Security -- Unknown/Unspecified
Resolution:        Alternate Program

Original Bulletin: 
   https://lists.ubuntu.com/archives/ubuntu-security-announce/2018-January/004206.html

- --------------------------BEGIN INCLUDED TEXT--------------------

Ubuntu announced its 17.04 (Zesty Zapus) release almost 9 months ago, on
April 13, 2017.  As a non-LTS release, 17.04 has a 9-month support cycle
and, as such, will reach end of life on Saturday, January 13th.

At that time, Ubuntu Security Notices will no longer include information or
updated packages for Ubuntu 17.04.

The supported upgrade path from Ubuntu 17.04 is via Ubuntu 17.10.
Instructions and caveats for the upgrade may be found at:

https://help.ubuntu.com/community/Upgrades

Ubuntu 17.10 continues to be actively supported with security updates and
select high-impact bug fixes.  Announcements of security updates for Ubuntu
releases are sent to the ubuntu-security-announce mailing list, information
about which may be found at:

https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

Development of a complete response to the highly-publicized Meltdown and
Spectre vulnerabilities is ongoing, and due to the timing with respect to
this End of Life, we will not be providing updated Linux kernel packages for
Ubuntu 17.04.  We advise users to upgrade to Ubuntu 17.10 and install the
updated kernel packages for that release when they become available.

For more information about Canonical's response to the Meltdown and
Spectre vulnerabilities, see:

https://insights.ubuntu.com/2018/01/04/ubuntu-updates-for-the-meltdown-spectre-vulnerabilities/

Since its launch in October 2004 Ubuntu has become one of the most highly
regarded Linux distributions with millions of users in homes, schools,
businesses and governments around the world.  Ubuntu is Open Source
software, costs nothing to download, and users are free to customise or
alter their software in order to meet their needs.

On behalf of the Ubuntu Release Team,
- -- 
Steve Langasek

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWmZ/GYx+lLeg9Ub1AQjWYRAAgvuF+we1V2fJS3xKZFPCrOuyY0zq9mXR
BWZs+AbFDdFDof2fN5SAzf2P4b9o0KWfDnCDrp/t6d1eu4yO37XQ94A7yZDyO/SO
40OgdkxoP2UtpGTyljKVXF86TzJlXgEyJGj3HcAZU5vSmXosiR0AQsTdrnV5g4/G
1s+vtPWLuMZsyZzqlZGIxEZyIkyeneFqB+emLJDqz/ITh28sbwaH9lJRpITmcpOr
XIz8VCLgHrG0aLfVj5KnVuohSzuDXZrk58torUWbuPpM1CqLN5K3eblqsQJQoxqi
ELUYBZL4dA5FclhfFq3FqlEaBXoLRS6iTEyJyS1kmACK4kNVOP+zyfrKQ/6kf0os
lQi+ScVeECLKb6+4kSHJCDRraONhqQ7Axu1FBjLlW+uY5iE7ZookZoXg4npqLMBa
kXcquGwD0JK1jprRj0LG8K9u1GNt9MraN5+HJG8QNq7ft1y1T+gxqGDB4ACAHFui
gXjLPasirYCNWlSDQhfvTNUHGEgjOWaDfiHQkvA+OTTf4wN8z/StMQY0oqQlv3ki
m1PtHdIFU4jZBna7vNWYcwy9/NfV/iIDeZ143gHW722Buf0BH8LOCl1fGHaQqls2
AMQUcXuDMDToNWGkhKk/MdQe16bDaN+2OItRjR/xskkAguG0RFPV4cqYQlbp6+ew
Oo8BS9mbprg=
=JUCq
-----END PGP SIGNATURE-----

« Back to bulletins