Ubuntu Pro is GA: 10 years' support for OS, optional support for 23k packages
Welcome stability for users and a canny move by Canonical
Ubuntu maintainer Canonical has made its Ubuntu Pro subscription generally available (GA), four months after a beta release of the extended security and compliance offering for the open source operating system.
Ubuntu Pro (priced at $25 per year for workstation or $500 per year for server) expands Canonical’s ten-year security coverage and optional technical support to an additional 23,000 packages beyond the main OS.
That means a decade’s support not just for the Ubuntu OS, but applications available for that OS version including deprecated software like Python 2 that customers may be using for mission-critical applications.
Upgrading gets you access to Ubuntu Pro repositories so that every time you update your software, you are pulling from its Expanded Security Maintenance repositories (via well-known paths for existing users: e.g. unattended-upgrades, the Software Updater on the Desktop, or apt upgrade
command in the CLI.)
To ensure that all available CVE fixes are applied, users can run:
$ sudo apt update && sudo apt upgrade
The company offers five machines for free. Potentially interested customers can also access Ubuntu Pro through Canonical’s public cloud partners’ marketplaces - AWS, Azure and Google Cloud – on a per-hour basis, billed directly by the cloud, and priced at approximately 3.5% of the average underlying compute cost.
See also: A CVSS 10 bug in the Linux Kernel? Don't panic...
Canonical said it has “an 18-year track record of timely security updates for the main Ubuntu OS, with critical CVEs patched in less than 24 hours on average. Ubuntu Pro’s coverage spans critical, high and selected medium CVEs for thousands of applications and toolchains, including Ansible, Apache Tomcat, Apache Zookeeper, Docker, Nagios, Node.js, phpMyAdmin, Puppet, PowerDNS, Python, Redis, Rust, WordPress, and more.”
For users running in regulated environments, Canonical also has a set of FIPS-certified crypto-modules and hardening scripts available. Ubuntu Pro is available for every Ubuntu LTS from 16.04 LTS
"I manage my own compute cluster leveraging MAAS and other Canonical tools to support my research. The Open source security patches delivered through Ubuntu Pro gives my team peace of mind, and ensures my servers are secure. Canonical is continuously delivering timely CVE patches covering a broad portfolio of open source applications for the entire ten-year lifetime of an Ubuntu LTS. This brings much needed stability and compliance”, said David A Gutman, MD PhD, Associate Professor of Pathology, Emory University, in a release.
Ubuntu Pro includes tools for compliance management in regulated and audited environments and users Ubuntu Pro users can access FIPS certified cryptographic packages, necessary for all Federal Government agencies as well as organisations operating under compliance regimes like FedRAMP, HIPAA, and PCI-DSS.