Skip to main content

When logging into Ubuntu server you will see a response similar to

Welcome to Ubuntu 20.04.6 LTS (GNU/Linux 5.15.0-1049-azure x86_64)

 * Documentation:
 * Management:
 * Support:

  System information as of Fri Oct 13 02:54:35 UTC 2023

  System load:  0.02               Processes:                166
  Usage of /:   3.9% of GB   Users logged in:          1
  Memory usage: 23%                IPv4 address for docker0: 
  Swap usage:   0%                 IPv4 address for eth0:    

 * Strictly confined Kubernetes makes edge and IoT secure. Learn how MicroK8s
   just raised the bar for easy, resilient and secure K8s cluster deployment.

Expanded Security Maintenance for Applications is not enabled.

0 updates can be applied immediately.

4 additional security updates can be applied with ESM Apps.
Learn more about enabling ESM Apps service at

New release '22.04.3 LTS' available.
Run 'do-release-upgrade' to upgrade to it.


What does this line refer to - 4 additional security updates can be applied with ESM Apps

Ubuntu Extended Security Maintenance (ESM) provides additional security updates and support for Ubuntu systems that have reached their end of standard support (End of Life) but still need ongoing security updates. This service is designed for organizations and individuals who cannot immediately upgrade to a newer Ubuntu release but still require essential security patches.

ESM is available for Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS and other long-term support (LTS) releases.

Enable ESM Repository

To access ESM security updates, you need to enable the ESM repository in your Ubuntu system. You can do this by editing the /etc/apt/sources.list file. For example, to enable ESM for Ubuntu 20.04 LTS (the version noted above), you would add the following line to your sources list:

deb focal-updates main
deb focal-security main
deb focal-security universe
deb focal-security multiverse

You would replace focal with the codename of your Ubuntu release (e.g., bionic for 18.04 LTS). To see a list of Ubuntu codenames - see below.  After editing the sources list, run:

sudo apt update


Install ESM Updates

Once you've enabled the ESM repository, you can install security updates as you normally would with the apt package manager. The ESM updates are provided for the components enabled in the sources list.

sudo apt upgrade

This will upgrade your system with the available ESM security updates.

Access to ESM security updates may be subject to a subscription fee for some versions or included as part of a free tier, depending on your organization's needs and the specific version of Ubuntu. Be sure to check the official Ubuntu ESM documentation for the most up-to-date information regarding subscriptions and support.

It's essential to note that while ESM provides security updates, it does not offer non-security updates, feature enhancements, or technical support as you would receive during the standard support period. Therefore, it is recommended to plan for upgrading to a newer Ubuntu release when possible, as ESM is meant as a temporary solution to keep older systems secure while you work on migration plans.


Ubuntu release names

Name Version Codename Type
22.04 LTS (Jammy Jellyfish) 22.04 Jammy Jellyfish Long-Term Support (LTS)
21.10 (Impish Indri) 21.10 Impish Indri  
20.04 LTS (Focal Fossa) 20.04 Focal Fossa Long-Term Support (LTS)
19.10 (Eoan Ermine) 19.10 Eoan Ermine  
19.04 (Disco Dingo) 19.04 Disco Dingo  
18.04 LTS (Bionic Beaver) 18.04 Bionic Beaver Long-Term Support (LTS)
17.10 (Artful Aardvark) 17.10 Artful Aardvark  
17.04 (Zesty Zapus) 17.04 Zesty Zapus  
16.04 LTS (Xenial Xerus) 16.04 Xenial Xerus Long-Term Support (LTS)

The version numbers follow a pattern based on the year and month of release. LTS releases have a longer support cycle (usually 5 years for desktops and servers) and are suitable for long-term deployments, while non-LTS releases have a shorter support period (usually 9 months) and are often used by those who want the latest features and software.


Related articles

Andrew Fletcher01 May 2024
Common commands used in Ubuntu - in progress
A growing list of commands I've used and what they do in no specific ordersudo snap install bw ps aux | grep java whoami ip addr show uptime sudo apt update && sudo apt upgrade -y cat /etc/os-release sudo apt-get install needrestart sudo reboot sudo needrestart sudo ckan sysadmin...
Andrew Fletcher18 Mar 2024
Resolving CVE-2022-48624 less issue
To resolve the CVE-2022-48624 vulnerability on Ubuntu using Nginx, it's crucial to understand that the issue lies within the "less" package, not Nginx itself. The vulnerability affects "less" before version 606, where close_altfile in filename.c in less omits shell_quote calls for LESSCLOSE,...