Canonical Ubuntu 14.04 Long Term Support (LTS) will transition from its five-year Standard Security Maintenance window April 25.
Oracle Cloud Infrastructure customers using existing Ubuntu 14.04 images can continue to launch and use those images, but after July, the Oracle IaaS console will no longer show Ubuntu 14.04 images as an option. The final standard Ubuntu 14.04 LTS image will be made available through the Oracle Cloud Marketplace.
This post explains how Oracle and Canonical are helping customers through this transition.
Oracle has partnered with Canonical to offer extended security for Ubuntu 14.04 LTS users on Oracle Cloud. Going forward, organizations running Ubuntu 14.04 LTS will need to subscribe to Extended Security Maintenance (ESM) from Canonical to continue receiving updates and patches as the release transitions from its five-year Standard Security Maintenance window. ESM ensures the ongoing security and compliance of workloads running on the 14.04 LTS release of Ubuntu, extending the package coverage for an additional three years.
The introduction of ESM for Ubuntu 12.04 LTS last year, the first LTS version of Ubuntu to receive ESM coverage, provided coverage for all major security and compliance issues facing IT departments. ESM secured organizations using Ubuntu 12.04 LTS against more than 60 high- and critical-priority vulnerabilities, making it an important compliance element for customers using compute in the public cloud and on-premises.
The continuity of security patching from ESM is delivered alongside Canonical's Ubuntu Advantage support offering. Oracle is proud to be a Canonical partner.
ESM protects workloads running on Ubuntu 14.04, enabling them to run in a fail-safe environment and under full support while IT, DevOps and security teams plan and manage the migration process.
Canonical’s Ubuntu security team will continue patching the Linux kernel with fixes on high and critical common vulnerabilities and exposures for the most commonly used server packages in the Ubuntu main archive. During the standard five-year support lifetime of an Ubuntu LTS release, Canonical provides security maintenance to all end users. This Standard Security Maintenance covers binary packages that reside in the main and restricted components of the Ubuntu archive. This FAQ contains more information.
ESM covers a wide set of packages and is actively maintained for up to eight years. For Ubuntu 14.04 LTS, in addition to the extended ESM lifespan, Canonical will provide security maintenance to a wide range of binary packages that are commonly used in cloud and server workloads on 64-bit x86 AMD/Intel architectures. See the service description for additional details.
See the list of source packages to find out what binary packages are covered through ESM for Ubuntu 14.04 LTS.
Canonical recommends organizations running workloads on Ubuntu 14.04 LTS to upgrade to a later LTS release. The most recent LTS version of Ubuntu 18.04 includes significant security and feature improvements, including a v4.15 based kernel, Python 3, improved UEFI Secure Boot handling and OpenJDK 10 as the default JRE/JDK. Ubuntu 18.04 LTS Bionic Beaver includes public support through April 2023.
Users who cannot immediately update to a later LTS release may subscribe to Extended Security Maintenance (ESM) to continue receiving updates and patches on Ubuntu 14.04 LTS. ESM provides updates to mitigate critical security issues beyond the standard five-year LTS window.