Home / ubuntu / Questions / 1325915
In Process
Howard
Asked: 2021-03-25 14:34:59 +0800 CST

Where to find changelog for ESM kernel and packages

  • 772

The last kernel for 14.04 LTS is 3.13.0-170, and the latest kernel for 14.04 ESM is 3.13.0-184. Where can I find the changelog for ESM kernels and packages to understand what has been fixed in these newer releases?

esm

1 Answers

  1. Update 2022-07-14

    A more straightforward and structured way to find the outstanding USNs and CVEs applicable to a system is to use the OVAL data provided by Ubuntu, combined with the OpenSCAP tools:

    https://ubuntu.com/security/oval

    ESM updates are included (tested on a Xenial system).

    Following the instructions on that page will generate an HTML report based on the packages installed on the system. A report in OVAL XML format can also be generated (with the oscap --results option) for further processing.

    The libopenscap8 package needs to be installed for the oscap tool to be available.

    Original answer

    The best source of change information that I have found is the Ubuntu Security Notices collection. Publicly-available changelogs and Launchpad access stops at the last public release before ESM.

    It is possible to search the USNs based on the Ubuntu release and the USN title. For example:

    https://ubuntu.com/security/notices?order=newest&release=trusty&details=linux

    To narrow it down to changes for a particular kernel version, the most reliable way I have found is to search through the ubuntu-security-announce mailing list archives, particularly the full raw archive (in mbox format). The mbox archive can be searched using mutt, for example:

    1. wget 'https://lists.ubuntu.com/archives/ubuntu-security-announce.mbox/ubuntu-security-announce.mbox'.
    2. mutt -Rf ubuntu-security-announce.mbox.
    3. Press l (for limit).
    4. Enter the pattern ~s 'usn.*linux' ~b '3\.13\.0' to list only USN (not LSN) messages mentioning the kernel version of interest.
    • 1