Fortified security, enhanced desktop app discovery and new hardware support lead this latest release of Ubuntu.
12 October 2023:
Today Canonical announced the release of Ubuntu 23.10, codenamed “Mantic Minotaur”, available to download and install from https://ubuntu.com/download.
“In this release we’ve raised the bar for what secure by default means for Ubuntu and set the stage for our next Long Term Supported release.” said Oliver Smith, Senior Product Manager for Ubuntu at Canonical. “We’re excited for users to test our preview hardware-backed disk encryption key storage on Ubuntu Desktop, alongside the new App Center which makes it easier than ever to find the software you need.”
Improved
security across the stack
Traditional full-disc encryption methods require a passphrase to complete the boot process, forcing administrators to choose between device security and manageability.
Ubuntu Desktop 23.10 features preview support for hardware backed full-disk encryption where encryption keys are stored in the Trusted Platform Module (TPM) and recovered automatically by authenticated boot software. Broader hardware support for this feature will arrive next year alongside additional encryption configuration and management options in Ubuntu 24.04 LTS.
TPM backed full-disk encryption headlines a broader investment in Ubuntu’s default security posture which also includes a change to the Ubuntu kernel to address a common exploit path.
Unprivileged user namespaces are used by many common applications, such as internet browsers, to create secure sandboxes. However they expose kernel interfaces normally restricted to processes with root privileges which can create significant security vulnerabilities. To address this issue the Ubuntu kernel now supports an additional mode that requires programs to have an AppArmor profile in order to use unprivileged user namespaces, significantly reducing their attack surface. Applications in the Ubuntu archives now have such AppArmor profiles to ensure adherence to this policy when enabled.
Upgraded app discovery
The world of open source applications is continually expanding. The larger this rich ecosystem becomes, the harder it is to discover, manage and most importantly trust the software installed on your machine.
Ubuntu Desktop’s new App Center is a fast, intuitive and user-friendly hub that supports both snap and deb package formats. The App Center leverages the rich metadata provided by the Canonical Snap Store. All applications published on the Snap Store go through strict security reviews to ensure that only necessary permissions are enabled by default. A robust signature verification process also ensures that the Snaps cannot be modified by anyone but the publisher.
Support for Raspberry Pi 5 and SiFive HiFive Pro P550
Ubuntu 23.10 delivers expanded choice for developers looking to target the latest platforms and architectures and stay on the cutting edge.
Ubuntu continues to affirm its commitment to Raspberry Pi as a first class platform for Desktop, Server and IoT use-cases. Ubuntu 23.10 Desktop and Server will support the brand new Raspberry Pi 5 from launch day, thanks to our close collaboration with the Raspberry Pi Foundation.
“With Raspberry Pi 5 we’ve boosted the power and performance of the worlds’ most popular PC to deliver a fully-fledged developer platform.” said Gordon Hollingworth, Chief Technology Officer – Software at Raspberry Pi Trading, “We’re excited to see how the Ubuntu community leverages this power to create innovative and compelling new experiences.”
Building on the successful partnership that has brought Ubuntu to the SiFive HiFive RISC-V development platforms, including HiFive Unmatched, Canonical continues to be a leading supporter of the RISC-V ecosystem. Ubuntu 23.10 will be available on the SiFive HiFive Pro P550 at its launch.
Fortified security, enhanced desktop app discovery and new hardware support lead the latest release of Ubuntu 23.10 Mantic Minotaur.Building on the successful partnership that has brought Ubuntu to the SiFive HiFive RISC-V development platforms, including HiFive Unmatched, Canonical continues to be a leading supporter of the RISC-V ecosystem. Ubuntu 23.10 will be available on the SiFive HiFive Pro P550 at its launch.
“Together, SiFive and Canonical continue to deliver leading hardware/software solutions that are key enablers for RISC-V developers, helping to move the RISC-V ecosystem into applications requiring higher performance compute,” said Phil Dworsky, Global Head of Strategic Alliances at SiFive, “The combination of Canonical Ubuntu and SiFive Performance™ Family of processor IP arms developers with the platforms necessary to shape the future of computing, on RISC-V.”
Deeper integration for familiar administration tools
Previously, network configuration on Ubuntu required administrators to adjust their workflows depending on whether they were targeting desktop or server use-cases. To deliver a seamless networking experience in mixed Ubuntu estates, Ubuntu Desktop now uses Netplan, the declarative Linux networking configuration tool used on Ubuntu Server.
For administrators managing combined Windows and Ubuntu desktop fleets, ADsys, the Active Directory Group Policy client available with Ubuntu Pro, now supports machine certificate auto-enrollment from Active Directory Certificate Services.
To complete the range of improvements to Ubuntu fleet management, the Ubuntu Pro client now provides a simplified Landscape enrollment wizard with additional guidance for bulk Landscape registrations to streamline deployment at scale.
Popular plug-ins for a refreshed Docker
Docker developers will be pleased to find that Ubuntu 23.10 includes the latest version of Docker 24.0.5 alongside two of the most popular Docker plugins, docker-buildx
and docker-compose-v2
. In this way, Mantic reduces repository sprawl for engineers, and makes development environments less burdensome to maintain.
More Resources
- Download Ubuntu 23.10
- Release notes
- Ubuntu Discourse community
- Ubuntu Desktop 23.10: Mantic Minotaur deep dive
- TPM backed full disk encryption is coming to Ubuntu
- Restricted unprivileged user namespaces are coming to Ubuntu 23.10
- ADsys certificate auto-enrollment
About Canonical
Canonical, the publisher of Ubuntu, provides open source security, support and services. Our portfolio covers critical systems, from the smallest devices to the largest clouds, from the kernel to containers, from databases to AI. With customers that include top tech brands, emerging startups, governments and home users, Canonical delivers trusted open source for everyone.
Discover more from Ubuntu-Server.com
Subscribe to get the latest posts sent to your email.