For more great content like this see Original article
No, you’re not misreading the title, Ubuntu 18.04.6 LTS is available to download.
This (unplanned) point release arrives with one key — pun intended — purpose: to make Ubuntu 18.04 LTS bootable again on Secure Boot-enabled systems.
“Unlike previous point releases, 18.04.6 is a refresh of the amd64 and arm64 installer media after the key revocation related to the BootHole vulnerability, re-enabling their usage on Secure Boot enabled systems,” writes Canonical’s Łukasz Zemczak explains in a release announcement.
The BootHole vulnerability is explained in more detail on the Ubuntu blog as well on the Ubuntu Security Team Wiki, excerpt below:
“It was discovered that multiple vulnerabilities existed in GNU GRUB, that could potentially lead to the ability to bypass UEFI Secure Boot restrictions. A local attacker with administrative privileges (or with physical access to the system) could use this issue to circumvent GRUB2 module signature checking, resulting in the ability to load arbitrary GRUB2 modules that have not been signed by a trusted authority and hence bypass UEFI Secure Boot.”
As part of the remediation the 2012 Ubuntu signing key and two GRUB2 binaries were added to the UEFI DBX revocation list in August 2020.
The newly spun images carries patched, safe, and approved versions of the various affected components, including GRUB2. The update also includes some other security updates but, as it’s an LTS, the ‘focus on maintaining stability and compatibility’ remains paramount.
Ubuntu 18.04 LTS is supported with security, maintenance, and select app updates until 2023.
Those who already run Ubuntu 18.04 LTS and have kept on top of updates do not need to reinstall using this image.