I for one would very much like to see this bug in 18.04 fixed as a priority:<p><a href="https://bugs.launchpad.net/ubuntu/+source/openjdk-lts/+bug/1796027" rel="nofollow">https://bugs.launchpad.net/ubuntu/+source/openjdk-lts/+bug/1...</a><p>The Java 11 package installs Java 10. This was supposed to be a short term hack (because Ubuntu's long term supported version 18.04 was being released shortly before Java's long term supported version 11) but it's been a good while now - six months or so.<p>The short term support version 18.10 of Ubuntu has Java 11 so it's very non-obvious what the blocker is.<p>To me this seems like a really poor choice. The result of installing the Java 11 package but getting Java 10 <i>clearly</i> fails the principle of least astonishment. If we can live without the fix a quarter of the way to the next LTS edition of Ubuntu then we could have lived with Java 10 as the preferred (and correctly named) package in the first place.<p>Meanwhile the bug asks us not to spam with requests for updates yet there's no suggestion of where we can go to gauge what the timescales we're up against are.<p>It definitely dents my confidence in Ubuntu as a well organised distribution.
This is not an official announcement and it has not been officially declared released or ISOs updated.<p>The last official comment was it was delayed till Thursday, Feb. 14:<p><a href="https://lists.ubuntu.com/archives/ubuntu-release/2019-February/004694.html" rel="nofollow">https://lists.ubuntu.com/archives/ubuntu-release/2019-Februa...</a><p>Those preparing the release will update release notes and fixed bug lists (like this one) before the release.
I wish there was some announcement about when HWE kernels will be available for 18.04. This page has not yet been updated.<p><a href="https://wiki.ubuntu.com/Kernel/RollingLTSEnablementStack#Kernel.2FSupport-1.A18.04.x_Ubuntu_Kernel_Support" rel="nofollow">https://wiki.ubuntu.com/Kernel/RollingLTSEnablementStack#Ker...</a>
Apparently 18.04.2 LTS has been released, as that's what my box reports running now. I don't see any clear announcements of the actual release, but perhaps they're just hard to find on the various ubuntu wiki/planet/mailing list/etc... sites.
Does it include the fix for apt's recent mirror redirect vulnerability? If not, any update to a fresh system would be trivially susceptible to a MITM attack if redirects aren't disabled. This includes docker images as well: <a href="https://justi.cz/security/2019/01/22/apt-rce.html" rel="nofollow">https://justi.cz/security/2019/01/22/apt-rce.html</a><p>Canonical really should enable https as an additional layer of protection. This isn't the first time a bug in apt's authentication was found and it's unlikely that this bug will be the last.