Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Secure your Open-Source Freedom for 10 years

Hugo Huang

on 16 November 2021

Tags: Apps , Extended Security Maintenance , Google Cloud , Security

This article was last updated 1 year ago.

If this is your desire, it is Ubuntu Pro’s commitment: “Ubuntu Pro will secure your Open-Source Freedom for 10 years”. Security and Freedom shouldn’t be a debate, a trade-off, even a dilemma. Security shouldn’t be your concern when you embrace Open-Source.

A 10-year commitment

Canonical backs Ubuntu Pro for 10 years, ensuring security updates are available throughout, with a guaranteed upgrade path. For example, Ubuntu 16.04 Pro will continue to get security updates until 2026. 

Ubuntu Pro automatically entitles Extended Security Maintenance (ESM). Let’s SSH into your Ubuntu Pro virtual machine. If you haven’t yet upgrade your Ubuntu LTS to Ubuntu Pro, please follow this tutorial. In less than One Minute, you will be able to get your Ubuntu Pro machine without losing any of your mission critical workloads. Once you SSH into your Ubuntu Pro, input:

You will see:

SERVICEENTITLEDSTATUSDESCRIPTION
cisyesenabledCenter for Internet Security Audit Tools
esm-appsyesenabledUA Apps: Extended Security Maintenance (ESM)
esm-infrayesenabledUA Infra: Extended Security Maintenance (ESM)

Wait a second, why are there two “ESM”?

Open Source Security

ESM-infra guarantees 10-year Extended Security Maintenance (ESM) for packages in the Main repository, which includes Canonical-supported free and open-source software. On the other hand, ESM-apps further extend “Extended Security Maintenance” to the Universe repository, which covers community-maintained free and open-source software. Suppose you want to install Node.js; let’s check if the machine pulls the package from the repo:

apt-cache policy nodejs
nodejs:
Installed: (none)
Candidate: 4.2.6~dfsg-1ubuntu4.2+esm1
Version table:
    4.2.6~dfsg-1ubuntu4.2+esm1 500
      500 https://esm.myasnchisdf.eu.org/apps/ubuntu xenial-apps-security/main amd64 Packages
    4.2.6~dfsg-1ubuntu4.2 500
      500 http://us-central1.gce.archive.myasnchisdf.eu.org/ubuntu xenial-updates/universe amd64 Packages
      500 http://security.myasnchisdf.eu.org/ubuntu xenial-security/universe amd64 Packages
    4.2.6~dfsg-1ubuntu4 500
      500 http://us-central1.gce.archive.myasnchisdf.eu.org/ubuntu xenial/universe amd64 Packages

Ubuntu Pro adds security coverage for the most important open source applications like Apache Kafka, NGINX, MongoDB, Redis and PostgreSQL.

Ubuntu cloud

Ubuntu offers all the training, software infrastructure, tools, services and support you need for your public and private clouds.

Newsletter signup

Get the latest Ubuntu news and updates in your inbox.

By submitting this form, I confirm that I have read and agree to Canonical's Privacy Policy.

Related posts

Ubuntu Explained: How to ensure security and stability in cloud instances—part 3

Applying updates across a fleet of multiple Ubuntu instances is a balance of security and service uptime. We explore best practices to maximise stability.

Ubuntu Explained: How to ensure security and stability in cloud instances—part 2

You probably know that it is important to apply security updates. You may not be clear how to do that. We are going to explain best practices for applying...

Securing open source software dependencies in the public cloud

Building stable and secure software requires understanding build systems and having a plan for vulnerabilities in your software dependencies.