Call for testing to qemu -sandbox users

TL;DR: If you enabled -sandbox in your Bionic qemu, please test the PPA [2]

There is a CVE [1] which we fixed in Cosmic [3], but are unsure to backport
to Bionic.
Reasons for that are:
- there is some regression risk associated which we want to minimize
- the sandbox feature it fixes is not enabled by default on Bionic (it is
in Cosmic)

Per discussion between me and the security Team there are two things gating
the backport of this to Bionic.
1. We'd want to know if anybody actually enables -sandbox explicitly in

glibc 2.28 autopkgtest failures

tl;dr we should force things through :)

There are at the time of writing two autopkgtest failures preventing glibc
from migrating: r-cran-rgenoud and python-cffi

The r-cran-genoud failure is mystifying in that I have no idea how the
glibc version is affecting the package (it doesn't call many libc or libm
functions!). I've spent far too long trying on this but as the package has
no rdeps we should probably just remove it and whoever brings it back can
try to understand why it changes behaviour with new libc.

call for testing -- qemu / libvirt sandboxing on 18.04 LTS


Jann Horn has discovered that qemu's seccomp blacklist is not properly
applied to all threads. This means the security hardening is nearly

We'd like to fix this issue so the users who opt-in to the seccomp
filtering will get the benefits they expect.

Incomplete autopkgtest dependencies installed from test-trigger.


I'm confused by this run of snapd test, as triggered by systemd from proposed.
The one in release pocket, ends in 4 and the one in proposed ends in 5

log url is: <a href="" title=""></a>
artifacts url is:
<a href="" title=""></a>

--apt-pocket=proposed=src:systemd --apt-upgrade snapd

Ubuntu Budgie 18.04 automated random key inputs from somewhere on laptop

I've been using ubuntu 18.04 ( budgie ) for my laptop for quite some time. Recently, wierd shit started happening, I would be browsing a website and scroll down and the the webpage would zoom out. Many other such instances happened until I realised that for some reason the Ctrl button input was being given at certain times. Not only that sometimes my mouse right clicks on its own and when I'm browsing something, it automatically goes down.

python3-numpy depending on *both* python 3.6 and 3.7


while investigating some DEP8 failures currently in cosmic's
migration, I came across this:
$ dpkg -s python3-numpy|grep Depends
Depends: python3 (<< 3.8), python3 (>= 3.6~), python3.6:any,
python3.7:any, python3:any (>= 3.3.2-2~), libblas3 |,
libc6 (>= 2.27), liblapack3 |

Is it ok/correct to depend on two python versions like that? Is the
point of it making sure numpy is available regardless which python 3
you are using?

Transition of LXD from deb to snap


As some of you may know, we've slowly been pushing LXD users to use the
snap rather than the deb, whenever their environment allows it.

Starting with Ubuntu 18.10, we will be replacing the deb package
traditionally shipped in Ubuntu by the LXD snap.

There are a few pieces to that migration so I'll go into details about
each of them:

== Dependency management ==
LXD currently has the following reverse dependencies:

- adapt (depends)
- nova-compute-lxd (depends)
- autopkgtest (suggests)
- snapcraft (suggests)

We'll make sure that each of those are capable of handling the LXD sn

ubuntu-release-upgrader and postgresql

With the enabling of upgrades to Ubuntu 18.04 from Ubuntu 16.04 I've
been reminded of postgresql being in the blacklist of packages to
remove. I'm wondering if having this in the blacklist is still relevant.

Bug 1787349[1] is a recent report of the upgrade being blocked because
of postgresql being in the blacklist and bug 871893[2] contains the
historical information on why it was added.

Requiring Launchpad 2FA from Ubuntu uploaders

Launchpad 2FA is currently opt-in for everyone. However, it has been
mandatory for Canonical employees for a number of years now. Details are
documented here:

<a href="" title=""></a>

TOTP and HOTP are supported, so this works with hardware authenticators
such as Yubikeys as well as smartphone apps like OTP Authenticator (from
F-Droid) and Google Authenticator (Play Store), etc.

We[1] think this is now easy enough and standard enough not to be a
burden, so we are inclined to implement this as a requirement for all
Ubuntu uploaders[2].

Proper way to handle britney hints


I would like to know how to properly handle updates to the so called
"britney hints", which controls how DEP8 test failures are handled in
migrations. Particularly for the development release.

I uploaded <a href="" title=""></a>
on Jul 31st, and it has a known failure[1][2] on s390x, for which I
proposed this branch[2]. I also pinged in #ubuntu-release several
times after that.

It seems this communication got lost somehow.

Globally refreshing new group membership - would be needed after some package installations

In certain cases package installations will have to set up new groups,
mostly for access management.

Examples are:
- libvirt to access /var/run/libvirt/libvirt-sock
- lxd to access /var/lib/lxd/unix.socket
- ...

RFC: baseline requirements for Ubuntu rootfs: xattrs and fscaps

A recent customer bug report revealed that we have packages in the standard
Ubuntu system (mtr-tiny) which are making use of filesystem capabilities, to
reduce the need for suid binaries on the system:

$ getcap /usr/bin/mtr-packet
/usr/bin/mtr-packet = cap_net_raw+ep

The customer bug report arose because today, we are not handling all Ubuntu
images in an xattr-safe manner.

Major 14 years old Bug on the Ubuntu Desktop

Over a year ago I quickly discovered inconvenience with the Ubuntu desktop
This inconvenience actually dragged me down for the whole year to not use
Ubuntu Desktop for personal or even organisational operation.

The problem I discovered: The icons on the desktop of the Ubuntu desktop
are getting overflown one over the other after programs such as Text
Editors save the new file on the desktop on top of another already existant
file's icon.

The short-sighted solution for the past 14 years was to click "rearange the
icons on the desktop" to restore the badly positioned icons into their

/usr-merge by default for new installations, with backwards compat

Over the past year, there have been multiple times when I had to fix
scripts / exec calls to account for split-usr and usr-merged systems
by patching constants or adding configuration checks to detect if
certain binaries need to be called from /usr or /.

At the same time, I find certain properties of usr-merged systems
attractive. For example, the fact that all the packaged managed stuff
is scoped in /usr is very convenient, for deduplication, sharing,
snapshotting, including/excluding said dir in configs for diffs &

The improved 18.04.1 LTS Server Installer - Call for testing!

Download from: <a href="" title=""></a>

With the release of 18.04 LTS Bionic Beaver the new server installer
was introduced. At the time, it still lacked certain critical features
which have now been implemented.

For 18.04.1 we are adding support for LVM, RAID, VLAN, Bonds to the
new installer. The functionality and UI are all in place. It has not
yet been refined, thus I expect minor UI changes or improvements to
these features for Cosmic release.

mass SRUing for changing triggers to noawait in progress

Hi ubuntu-devel,

just a quick note that there is a mass SRUing going on (into xenial
mostly) for converting await triggers to noawait, the progress is being
tracked in <a href="" title=""></a>. Help is welcome,
just assign yourself a task first and then complete it. Do note that
there are some pitfalls where triggers cannot be converted to noawait,
like gsettings schemas.

Inconsistencies in package versions for stable releases


This email is following several discussions I have had over the past few
weeks on how the versioning scheme of packages work with respect to
stable releases.

It seems there is some inconsistencies with SRU team members accepting
different-versioned packages due to somewhat varied standards.

Forwarding this to ubuntu-devel.

----- Forwarded message from Julian Andres Klode < ... at debian dot org> -----

Message-ID: <20180618200724. ... at debian dot org>
Accept-Language: de-DE, de, en-GB, en-US, en
User-Agent: NeoMutt/20180512

Hi folks,

With frontend locking in dpkg git, I think it's time I clear up
some potential confusion as to how this is supposed to work in the
APT world.

The idea is that the current _system-

broken packages in xenial-updates

We have a curtin test that runs (simplified)
apt-get update
apt-get install linux-image-generic-hwe-16.04
The jenkins run [1] failed on Monday (06-11), console log at [2] with
the following:

| Some packages could not be installed.

-Wl,-Bsymbolic-functions in Ubuntu but not debian/ why?


does anybody recall why Ubuntu has -Wl,-Bsymbolic-functions in
dpkg-buildflags --get LDFLAGS but not Debian?

Who pulled the plug on the server installer?

Apparently d-i has been replaced with something called "subiquity". It
does not support raid or LVM; you know, things you typically install on
a server. It also ignores existing partitions on the drive and forces
you to blank the drive and start from scratch. Who thought this was
ready for production?

ML for git-ubuntu development

I'd like to discuss ongoing git-ubuntu development in much more detail
than I have done previously, but I'm not sure everyone will want to be
spammed with all the details on ubuntu-devel@.

Can I suggest a takeover of <a href="mailto:ubuntu-distributed- ... at lists dot">ubuntu-distributed- ... at lists dot</a>
for this purpose?

Call for nominations for the Technical Board

Hello Ubuntu developers,

The current 2-year term of the Technical Board [1] is over, and it's
time for electing a new one.

Symbols files for C++ libraries for Ubuntu main


There has recently been a question [1] about whether symbols files
should be mandatory for C++ libraries in Ubuntu 'main'. I'm curious to
hear what other Ubuntu developers think about this topic.

Symbols files aren't mentioned in the official MIR criteria at all. [2]

I think there's general agreement that Ubuntu should use symbols files
for C libraries. And although it's not "required" in Debian as I
understand it, I think there is widespread support for it as "best
practice" there too.

C++ libraries can be much more difficult to maintain symbols files

Proposal: Let's drop i386


Less and less non-amd64-compatible i386 hardware is available for consumers
to buy today from anything but computer part recycling centers. The last of
these machines were manufactured over a decade ago, and support from
an increasing
number of upstream projects has ended.

Ubuntu and flavors just completed the 18.04 release cycle. This released
version will either be supported until 2021 or 2023, depending on the
product, team, and willingness to support it.

Cosmic Cuttlefish is now open for development

Cosmic CANIMAL [1] is now open for development, with the syncs from unstable
done and built. The development version starts with only a few changes:

- The final GCC 8.1.0 release (not yet used as the default)

- Only one transition almost done (ncurses)

Please be aware about the planned compiler changes (GCC update from 7 to 8)
around June/July, an update to OpenJDK 11, and an update from Python 3.6 to 3.7.

Please check your uploads in a cosmic chroot, don't just test in a bionic or
artful environment. See [2] or [3] how to setup such a development chroot.

ubiquity migrated to git

$ git clone lp:ubiquity
$ git push lp:~user/ubiquity

is all you need to know if you already have the git lp: url setup in
your ~/.gitconfig
[url "git+ssh:// ... at git dot"]
insteadof = lp:

(See <a href="" title=""></a> for more details)

lp:ubiquity is owned by ~ubuntu-installer team, and thus access rights
should be same as the bzr branches.

This repository has most of the tags, and currently has three branches:
* xenial
* bionic
* master

I expect master branch to be used for the currently-in-development
release, and branches created on the as-needed basis for

ThreadStack Project: a new innovative open source software for multi-thread computing

I have developed a new open source software as a result of a scientific
research and I want to share my study with scientists and/or software

ThreadStack is an innovative software which produces a class library for
C++ multi-thread programming and the outcome of the ThreadStack acts as an
autonomous management system for the thread synchronization tasks.
ThreadStack has a nice and useful graphical user interface and includes a
short tutorial and code examples.

Announce: docker-buildpackage

Hi folks,

I've written a tool for isolated deb builds in docker containers.
It's a little bit like pbuilder, but using docker for isolation.

<a href="" title=""></a>

Everything written in shellscript, simple config as sh includes.
Not debianized yet, as it might require some local customizations.
(planned for future releases)

I'm also hacking on another tool which automatically clones repos
and calls dck-buildpackage for building whole pipelines - but that's
still experimental and hackish:

<a href="" title=""></a>


hidden symbol `pthread_atfork' in /usr/lib/x86_64-linux-gnu/libpthread_nonshared.a(pthread_atfork.oS) is referenced by DSO


yesterday evening, and today, I upgraded a bionic container where I was
building the nvml packages, and to my surprise a build that worked last
thursday stopped working today:

make[3]: Entering directory
cc -o manpage manpage.o -Wl,-rpath=../../debug -L../../debug -lrpmem
-pthread -lfabric
/usr/bin/x86_64-linux-gnu-ld: manpage: hidden symbol `pthread_atfork' in
/usr/lib/x86_64-linux-gnu/libpthread_nonshared.a(pthread_atfork.oS) is
referenced by DSO
/usr/bin/x86_64-linux-gnu-ld: final link failed: Bad value
collect2: error: ld ret

Intent to remove gksu from Ubuntu 18.04 LTS


I have been working for months to remove gksu from Ubuntu. (It has
already been removed from Debian). The Mythbuntu blocker was fixed
this weekend and I just noticed an Ubuntu Kylin blocker that is being
worked on.

I just wanted to let developers know that I will be trying to remove
gksu from the Ubuntu 18.04 LTS repositories before release. And since
this is a late change that will affect some workflows, I'm emailing
this list.

More details are at <a href="" title=""></a>

Jeremy Bicha

Call for testing: mongodb 3.6

I've updated mongodb and mongo-tools from 3.4 to 3.6 in Bionic (LP:
#1761807). They remain in universe.

As this is very late in the cycle, I took quite some care in testing
things to detect any packaging regressions.

The Gnome Ubuntu Extension

The Gnome Ubuntu Extension, by Xaba
<a href=";p=13756647#post13756647" title=";p=13756647#post13756647">;p=13756647#post13756647</a>

Hi buddies. I have a Dream!

I don't know if someone already proposed a "Gnome Ubuntu" extension to
offer an Ubuntu Unity experience in Gnome. If Canonical doesn't want to
continue developing the Unity, they could maintain an official "Gnome
Ubuntu" extension to offer the Unity experience in Gnome and take care
the "Unity orphans". If Canonical doesn't want to do it, doesn't matter,
we can do it.

update-manager 1:18.04.11 (Accepted)

I saw this upload to bionic today and a similar one for a different
package yesterday and had some questions about it.

Why is it necessary to modify individual packages so that GNOME
Software won't uninstall them?

Is update-manager being a dependency of ubuntu-desktop not enough to
prevent it from being uninstalled?

If it is necessary to modify every package which a metapackage depends
on how is this work being tracked?

What checks are in place to ensure that no packages are missed and that
new additions get appropriately changed?

----- Forwarded message from Jeremy Bicha < ... at ubuntu dot c

Second Bionic Beaver test rebuilds

The second test rebuild of Bionic Beaver was started on April 08 2018 for all
architectures, all components (main component and seeded packages finished,
unseeded packages still building).

Bionic Beaver (18.04) Final Beta Freeze

In some short while bionic will enter the final beta freeze, with a
goal of releasing the Final Beta images hopefully sometime late
Thursday. The link to the milestone can be found here:
<a href="" title=""></a>

The queue freeze will last from now until final release this month,
which means that all seeded packages will now need a spot-check and
review in the queue from a release team member before they are let
into the archive.

As with the previous releases, we have a bot in place that will accept
uploads that are unseeded and don't affect images.

Bionic Beaver User Interface Freeze and nearing Final Beta reminder

This is a gentle reminder that Bionic Beaver (18.04) is in User
Interface Freeze since last week (March 22th). Remember about that
when uploading packages into the archive as any freeze-breaking
changes per <a href="" title=""></a> need to have
an ubuntu-release approved exception [1].

Also, since Final Beta is planned for next week already, remember
about the nearing Beta Freeze on Monday. If you still have any high
impact changes pending for 18.04, now is the time to upload.


[1] <a href="" title=""></a>

New Ubuntu Core Developer - Eric Desrochers

Today, the Ubuntu Developer Membership Board approved Eric Desrochers
(slashd)'s application to join the Ubuntu Core Developer team
(~ubuntu-core-dev). Eric now has upload rights to the entire Ubuntu

Of note, Eric joined the new ~ubuntu-sru-developers team a year ago.


On behalf of the DMB,
Jeremy Bicha

Ubuntu Kernel Team - Newsletter, 2018-03-21

March 21
##Development (18.04)##
[](<a href="" title=""></a>)

* On the road to 18.04 we have a 4.15 based kernel in the Bionic repository.

Important upcoming dates:

        Final Beta - Apr 5 (~2 weeks away)
     Kernel Freeze - Apr 12 (~3 weeks away)
      Final Freeze - Apr 19 (~4 weeks away)
      Ubuntu 18.04 - Apr 26 (~5 weeks away)

##Stable (Released & Supported)##
 * The updated kernel packages for the current SRU cycle are now in
-proposed ready for verification and tests.


Deprecation notice for mail-stack-delivery (dovecot) - planned to be dropped in 18.10

since Ubuntu 18.04 has reached feature freeze we started to think about
One of the changes ahead is the dropping of the mail-stack-delivery package
(part of dovecot).

This package was created a long time ago with the intend to simplify
several steps of a mail server setup, for example to get a safe ssl secured
default installation.
It is essentially almost only a postinst to set up some better defaults.

But the bit that I can derive from bug reports and such indicates that it
is almost unused these days and has become an unused maintenance debt (it
started to show it's age - no

Supporting LZ4 as initramfs compressor


Initramfs-tools uses gzip compression by default which served us well
for quite some time but LZ4 offers way faster decompression while
making a only slightly bigger initramfs files.

On my old laptop the initramfs extraction time decreased from ~1.2s to ~0.24s:
(with lz4)
kernel: [ 0.297726] Unpacking initramfs...
kernel: [ 0.535061] Freeing initrd memory: 77940K
kernel: [ 0.301637] Unpacking initramfs...
kernel: [ 0.539109] Freeing initrd memory: 77940K
(with gzip)
kernel: [ 0.273748] Unpacking initramfs...
kernel: [ 1.490066] Freeing initrd memory: 57140K
kernel: [

Bugs reports should include syslog warnings or not?

Hey there,

<a href="" title=""></a> was raised
to my attention in a discussion about apport/e.u.c and I'm wondering if
the change is right

The report pointed out that private info have been included in a report
through JournalError.txt, and the solution applied was to change apport
to include errors level messages only and not warning.

Looking a bit a journalerror on some bugs it seems we have indeed some
components that log too much content as "warning" (gdm in that case),
but changing to "error" has been cutting out useful warnings and doesn't
seem the

Call for testing: on 18.04


As many of you must have noticed, netplan is now the default network
configuration tool on Ubuntu.

<a href="" title=""></a>

There have been a number of changes to netplan and many new features
added this cycle.

ext4 metadata_csum and backwards compatibility

I'd like to draw attention to:
<a href="" title=""></a>

IRC discussion:
<a href="" title=""></a>

tl;dr: by doing nothing we're implicitly breaking some filesystem
forward compatibility. I'd like us to make an explicit decision about
whether we want this.

I think this probably doesn't matter in the desktop use case.

New Qt5 Uploader - Simon Quigley

Hello everyone,

Please congratulate Simon on his successful Ubuntu Qt5 Uploaders
application! Being part of the team, tsimonq2 now has upload rights to
Qt5 packages in the Ubuntu archives.


zstd compression for packages

Hey folks,

We had a coding day in Foundations last week and Balint and Julian added support for zstd compression to dpkg [1] and apt [2].

[1] <a href="" title=""></a>
[2] <a href="" title=""></a>

Zstd is a compression algorithm developed by Facebook that offers far
higher decompression speeds than xz or even gzip (at roughly constant
speed and memory usage across all levels), while offering 19 compression
levels ranging from roughly comparable to gzip in size (but much faster)
to 19, which is roughly comparable to xz -6:


libssl-dev 1.0.2g is 1.0.0


distribution : artful (ubuntu 17.10)
package libssl-dev [1.0.2g]

the package libssl-dev claims to be 1.0.2g, but it seems to be older
header-version 1.0.0, as it lacks the constant

./crypto/x509/x509_vfy.h:# define X509_V_ERR_INVALID_CALL

It seems libssl binary package is also 1.0.0

ii libssl-dev:amd64 1.0.2g-1ubuntu13.3
amd64 Secure Sockets Layer toolkit -
development files
ii libssl-doc 1.0.2g-1ubuntu13.3
all Secure Sockets Layer toolkit -

git-ubuntu 0.7.1 in edge/candidate/stable channels

Hello all!

I am happy to announce the release of git-ubuntu 0.7.1 to all channels

This is a massive update to our code as well as a refocus on the
import side of things.

Ubuntu Kernel Team - Newsletter, 2018-02-27

February 27
##Development (18.04)##
[](<a href="" title=""></a>)

On the road to 18.04 we have a 4.15 based kernel in the Bionic repository.

Important upcoming dates:

       16.04.4 Point Release - Mar 1 (~1 week away)
              Feature Freeze - Mar 1 (~1 week away)
                      Beta 1 - Mar 8 (~2 weeks away)
                  Final Beta - Apr 5 (~6 weeks away)
               Kernel Freeze - Apr 12 (~7 weeks away)
                Final Freeze - Apr 19 (~8 weeks away)

New Kernel Uploader

Today, the Kernel Uploaders Team[1] had an ad-hoc meeting with the
following members in attendence:

Andy Whitcroft (apw) [chair]
Leann Ogasawara (leann-ogasawara)
Brad Figg (brad-figg)
Stefan Bader (smb)
Seth Forshee (sforshee)
Kleber Sacilotto de Souza (kleber-souza)
Thadeu Lima de Souza Cascardo (cascardo)

The meeting was called to review the upload application for Marcelo
Henrique Cerri (mhcerri)[3]. Marcelo has been working in the kernel team
for over 1.5 years.

Mentors required for mentoring Linux Foundation GSoC Open Printing Projects.

Hi All,

Like every year, this year also myself and Till Kamppeter are organizing
the Google Summer Of Code Projects for Linux Foundation. There are a couple
of interesting project on this year's list with regards to Open Printing:

<a href="" title=""></a>

Already there is a bunch of talented students who are interested in working
on these projects. We require your help in mentoring these students.

Re: More diagnostics data from desktop


I noticed in the mailing list that you guys only talked about users who are installing Ubuntu for the first time, not upgrading from a previous version (unless I totally missed it, or misunderstood it):

Launchpad i386 build: Memory exhausted

Hello everyone,

I'm packaging latest MAME 0.194 and it builds fine on my PPA.
Unfortunately, link fails for i386 due to virtual machine memory issues:

/usr/bin/ld: final link failed: Memory exhausted

You can find a full log for build here:
<a href="" title=""></a>

and also here in case I got struck by the greatest idea and try a new build
<a href="" title=""></a>

Please note I've already put great care in tweaking linker options to
reduce memory consumption, with no luck.

More diagnostics data from desktop

Great ideas!

I've been _manually_ re-enabling these popcon reports at every
install(Ubuntu gives me a $free OS and the least I can do is help 'em out
w/ some telemetry!) via:

$ sudo dpkg-reconfigure popularity-contest

As a sys-admin, I do installs regularly and having so many apport notices
user-facing has been an irritation(i.e. cups-browsed has crashed,
gnome-shell has crashed, etc.). These are not show-stopping in the majority
of cases and only confuse the end-user.

Re: More diagnostics data from desktop

Hi there,

Just a small note about Popcon:

It is absolutely useless until its problems are not fixed. For example:
<a href="" title=""></a>
<a href="" title=""></a>

Best regards,

More diagnostics data from desktop

Dear all,

We want to be able to focus our engineering efforts on the things that
matter most to our users, and in order to do that we need to get some more
data about sort of setups our users have and which software they are
running on it.

We would like to add a checkbox to the installer, exact wording TBD, but
along the lines of “Send diagnostics information to help improve Ubuntu”.
This would be checked by default.

The result of having that box checked would be:

* Information from the installation would be sent over HTTPS to a service
run by Canonical’s IS team.

autopkgtest-build-lxd failing with bionic


I'm not able to build a bionic container:

autopkgtest-build-lxd images:ubuntu/bionic/amd64
Creating autopkgtest-prepare-1ay
Starting autopkgtest-prepare-1ay
Container finished booting.

RFC: Ubuntu Seeded Snaps

Dear developers,

As I'm sure you know, Canonical has recently been putting a lot of work into
the Snap Store[1], a repository for third-party packages that is the successor
to the past[2] and click packages efforts.

We are confident that snaps today represent a solid delivery vehicle for
third-party software on top of Ubuntu, and that snaps stand as a first-class
alternative to deb packages for Ubuntu users where appropriate.

Snaps are already presented alongside debs in the software catalog on the
Ubuntu Desktop, and with the 17.10 release, the Ubuntu MATE team took the

merge-o-matic: Filtering for status pages

Hi everyone,

I've got another merge-o-matic improvement for us all :)

merge-o-matic now supports rudimentary filtering on three things:

- a query string. it's even a regex. but on the other hand,
it's case sensitive
- toggle packages with uploads in proposed (gray rows)
- toggle packages without uploads in proposed (other rows)

This is done on the client using JavaScript.

Ubuntu Kernel Team - Weekly Newsletter, 2018-01-23

January 09 through January 23
The Kernel Team is completely focused on addressing any Spectre and
Meltdown issues as they arise.  A secure Ubuntu is our top priority.

Syndicate content