These release notes for Ubuntu 22.10 (Kinetic Kudu) provide an overview of the release and document the known issues with Ubuntu and its flavours.
Ubuntu 22.10 will be supported for 9 months until July 2023. If you need Long Term Support, it is recommended you use Ubuntu 22.04 LTS instead.
Ubuntu 22.10 is shipped with the new 5.19 Linux kernel that brings the following (most relevant) features (in addition to many other new features, new drivers, improvements and fixes):
- The new
futex_waitv()syscall that can speed up games by letting them wait for multiple futexes with a single system call.
- Support in the task scheduler for CPU clusters that share L2/L3 cache (spreading tasks between clusters will bring more memory bandwidth and decrease cache contention).
- Support for Intel® AMX (Advanced Matrix Extensions) instructions.
- CO-RE support that makes compiled BPF programs more portable.
- A faster random number generator (entropy extractor switched from SHA1 to BLAKE2s).
- Support for proactive reclaim in memory control groups.
- Support for Intel® Trust Domain Extensions (TDX).
The init system was updated to systemd v251.4. Please refer to the upstream changelog for more information about individual features.
Following the recent announcement of our debuginfod instance, Ubuntu now automatically requests debug symbols from the service when GDB (or any other debuginfo-consuming application) is used. Please refer to the Ubuntu Server Guide on debuginfod for more information.
- AppArmor gained support for restricting access to unprivileged user namespaces. This allows a system administrator to configure their system so that only applications and services which are confined by an appropriate AppArmor profile can use this feature.
- Netplan v0.105 gained support for VXLAN, VRF and InfiniBand devices
- The default audio server is now PipeWire instead of PulseAudio
- The default image apps now suport the .webp format
- GNOME has been updated to include new features and fixes from the latest GNOME release, GNOME 43
- Many apps have been converted to GTK4 and libadwaita for improved performance and upgraded style.
- The default file manager Nautilus has switched to GTK4. The Nautilus Extensions API has changed which breaks all Nautilus extensions that have not been updated for the new release.
- The default text editor app is now GNOME Text Editor. gedit is still available for install.
- The default terminal app is still GNOME Terminal but GNOME Console is available for install.
- The To Do app is no longer installed by default. It’s still available for install but has been renamed to Endeavour .
- The GNOME Books app is no longer available. The recommended replacement app is Foliate .
- The Nautilus folder sharing extension is no longer installed by default. You can install it from a terminal with
sudo apt install nautilus-share
- BlueZ 5.65
- CUPS 2.4
- NetworkManager 1.40
- Mesa 22
- Pipewire 0.3.58
- Poppler 22.08
- PulseAudio 16
- xdg-desktop-portal 1.15
- fonts-noto-color-emoji updated for Unicode 15
The Ubuntu 22.10 Live Server includes Subiquity 22.10.1, which adds a variety of bugfixes and a few new features including enhancements to autoinstall, cloud-init integration, and keyboard handling. Please see the Subiquity release notes for more details.
In Ubuntu 22.10, openssh now uses systemd socket activation by default. Read more about this new feature here.
- All SSSD client libraries (
pam, etc.) won’t serialize requests anymore by default, i.e. requests from multiple threads can be executed in parallel. The old behavior (serialization) can still be enabled by setting the environment variable
- Added a new krb5 plugin
idpand a new binary
oidc_childwhich performs OAuth2 authentication against FreeIPA. This, however, cannot be tested yet because this feature is still under development on the FreeIPA server side.
When using GSSAPI/GSS-SPNEGO authentication over an encrypted transport like
ldaps://, Microsoft recommends that Channel Binding be enabled. If Windows Server is configured to require this setting, then clients that do not enable Channel Binding over such connections will be rejected.
- Add support for remote TLS certificate verification, both to
dig, making it possible to implement Strict and Mutual TLS authentication, as described in RFC 9103, Section 9.3.
A new form of argument protection was added that works similarly to the older
-s) option, but in a way that avoids breaking things like
rsyncnow uses backslash escaping for sending “shell-active” characters to the remote shell. This includes spaces, so fetching a remote file via a simple quoted filename value now works by default without any extra quoting:
rsync -aiv host:'a simple file.pdf' .
Wildcards are not escaped in filename arguments, but they are escaped in options like the
--usermapvalues. If your
rsyncscript depends on the old arg-splitting behavior, either run it with the
export RSYNC_OLD_ARGS=1in the script’s environment. See also the ADVANCED USAGE section of
rsync's manpage for how to use a more modern argument style.
Improvements in many agents such as:
- IPaddr2: allow to disable Duplicate Address Detection for IPv6; and allow to send IPv6 Neighbor Advertisements in background.
- LVM-activate: disable VG autoactivation in
Those are some of the changes added to the resource-agent-base binary package which is in main, to check a full list of the changes see the upstream changelog.
fence-virt were introduced as new binary packages in this version.
OpenVPN 2.6.0 was not released yet, so Ubuntu Kinetic will ship a git snapshot instead. This new version contains some improvements regarding OpenSSL 3 support. Another important change that might impact users is the drop of the
--cipher option in favor of the new
--data-ciphers. It is important to note that when
--data-ciphers is not specific, the default will be
AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305. This can impact users that are using old ciphers, like
AES-256-CBC. In this scenario, it is recommended that users migrate their certificates to the ciphers that are supported by default. A workaround is possible by explicitly setting
For more details on cipher negotiation, please read the upstream documentation.
This contains some major release changes which can all be seen here. Now, it has support for shim plugins and added support for absolute path to shim binaries.
This new version contains an important CVE fix and also a bunch of improvements, fixing bugs and improving the upstream CI system. For more detailed information please check the upstream changelog.
This new version contains fixes to avoid potential lock issues and update its dependencies internally. For more detailed information please check the upstream changelog.
Qemu was updated to version v7.0.0 which brings many major and minor improvements. Among others this version includes:
- Added support for Intel AMX
- Support for various further RISC-V extensions, among them the hypervisor extension is no more marked experimental and now enabled by default
- Fixes for various emulated s390x instructions
- User-mode emulation (
bsd-user) will enforce guest alignment constraints and raise
SIGBUSto the guest program as appropriate.
qemu-nbdprogram has gained a new
--tls-hostnameparameter to allow TLS validation against a different hostname, such as when setting up TLS through a TCP tunnel, and now supports TLS over Unix sockets.
- See the upstream changelog for version 7.0 for an overview of the many further improvements. These also contain a list of suggested alternatives for removed, deprecated and incompatible features.
Tracking the releases of libvirt continuously version v8.6.0 is now provided in Ubuntu 22.10 which - among many other fixes, improvements and features - includes:
- For example there have been many new features for qemu:
- Support mode option for
- Introduce manual disk snapshot mode.
- Introduce memory allocation threads (handy for guests with large amounts of memory).
- Introduce support for
- ppc64 Power10 processor support.
- Introduce absolute clock offset.
- Add support for post-copy migration recovery.
- Support mode option for
- See the upstream changelogs for the many further improvements and fixes since version 8.0.0 that was in Ubuntu 22.04.
The new version 3.0.0 of openvswitch is in Ubuntu 22.10 and provides a general update including the following changes:
- Userspace datapath improved multi-thread scalability of the userspace connection tracking.
- IPsec now has custom per-tunnel options.
- Extended Flow Monitoring to support more OpenFlow versions.
- OVSDB compaction was improved to run in a separate process (avoiding blocks) and is enabled by default to return unused memory to the system.
- libopenvswitch API changes to fix the undefined compiler behavior will need users of libopenvswitch to double-check the use of loop macros like
- The OVS News page holds more details about the new version.
Ubuntu 22.10 includes the latest OpenStack release, Zed, including the following components:
- OpenStack Identity - Keystone
- OpenStack Imaging - Glance
- OpenStack Block Storage - Cinder
- OpenStack Compute - Nova
- OpenStack Networking - Neutron
- OpenStack Telemetry - Ceilometer, Aodh, Gnocchi
- OpenStack Orchestration - Heat
- OpenStack Dashboard - Horizon
- OpenStack Object Storage - Swift
- OpenStack DNS - Designate
- OpenStack Bare-metal - Ironic
- OpenStack Filesystem - Manila
- OpenStack Key Manager - Barbican
- OpenStack Load Balancer - Octavia
- OpenStack Instance HA - Masakari
Please refer to the OpenStack Zed release notes for full details of this release of OpenStack.
OpenStack Zed is also provided via the Ubuntu Cloud Archive for OpenStack Zed for Ubuntu 22.04 LTS users.
WARNING: Upgrading an OpenStack deployment is a non-trivial process and care should be taken to plan and test upgrade procedures which will be specific to each OpenStack deployment.
Make sure you read the OpenStack Charm Release Notes for more information about how to deploy and operate Ubuntu OpenStack using Juju.
- There will be no longer AWS Marketplace container images available for Kinetic and later releases. Please use the offerings from the AWS ECR Public Gallery or other container registries.
Ubuntu 22.10 includes support for several “embedded” displays on the Raspberry Pi, under both server and desktop configurations. Supported displays include the official DSI display (though, see Known Issues below), the Hyperpixel and the range of Inky displays (bug 1992778). See this post for full details on the Hyperpixel.
Ubuntu 22.10 builds on existing support for the Raspberry Pi Pico by adding the mpremote utility to the archive (bug 1992777), permitting easier development with MicroPython environments with facilities including the ability to mount local directories on your attached MicroPython device.
The 5.19 kernel in Ubuntu 22.10 disables the (long deprecated) GPIO sysfs interface (bug 1918583). This means that several common GPIO libraries (including RPi.GPIO) cannot operate. A shim providing compatibility with RPi.GPIO has been created and is available in Kinetic in the
python3-rpi-lgpiopackage. See this post for full details.
The webkit component in Gnome now works (bug 1924251) with the result that the offline Help application, and Online Accounts settings now operate correctly.
raspi-configutility has been updated to partially work in Ubuntu (bug 1972982). Some facilities (e.g. RealVNC support) do not work, but now correctly report they are not supported. Other facilities (e.g. overlayfs) work correctly.
netplanutility now supports selection of the wifi regulatory domain through its configuration, including on initial boot via
cloud-init; examples on the boot partition have been updated accordingly (bug 1951586).
Starting with Ubuntu Server 20.04 LTS, the minimal architectural level set was raised to z13 (and LinuxONE Rockhopper / Emperor) - this still applies to Ubuntu Server 22.10 and support also includes all newer hardware that is in service as of today (22.10 release date). Support for additional future hardware might be added later.
Ubuntu Server 22.10 can be installed in LPAR (classic or DPM systems), as IBM z/VM guest, as KVM virtual machine and in different container environments, like LXD, docker or kubernetes.
It’s available as ISO, Cloud or container images.
IBM Z and LinuxONE / s390x-specific enhancements since 22.04 (partially not limited to s390x):
And further dump enhancements with the NVMe stand-alone dump support (bug 1929033).
Support for latest hardware with adding IBM z16 Processor-Activity-Instrumentation Facility support ((bug 1982384) and (bug 1982384)), additional CPU-MF counters for new hardware for libpfm (bug 1960118) and support for the latest IBM zSystems hardware generations in qclib (bug 1982332).
On top of the updated virtualization stack (see above), further virtualization improvements with crypto passthrough hotplug (bug 1852741) and a new tool to persistently configure vfio-ap devices (bug 1852736) landed.
A multitude of enhancements in the area of cryptography, like the update of opencryptoki to version 3.18, with support for crypto profiles (bug 1959549), additional crypto counters (bug 1959551) and the PKCS #11 3.1 CKA_DERIVE_TEMPLATEs (bug 1982842).
libica was updated to the latest bug fix version 4.0.3 (bug 1986437), the openssl-ibmca package to 2.3.0, now with support for openSSL 3.0 provider (bug 1959763), support for IBM specific mechanisms and attributes was added to p11-kit (bug 1982841), BEAR enhancements for new IBM Z hardware (bug 1960186) and (lib)nettle upgrade to latest upstream version, that now provides CPACF support (bug 1959469).
In addition zcryptctl comes now with support for control domains ((bug 1982759) and (bug 1982838)) and a new tool is shipped that allows to display usage counters from the IBM z16 Processor Activity Instrumentation Facility (bug 1982760).
Eventually improvements in the area of RDMA/RoCE, with support for independent usage of secondary physical function (PF) of ConnectX-5/6 based RoCE adapters (bug 1959542) was added and the enablement for MIO instructions, means usage of new PCI Load/Store instructions in rdma-core ((bug 1959543) and (bug 1959544)).
As is to be expected, with any release, there are some significant known bugs that users may run into with this release of Ubuntu. The ones we know about at this point (and some of the workarounds), are documented here so you don’t need to spend time reporting these bugs again:
The option to install using zfs as a file system and encryption has been disabled due to a bug with all of the file system not being mounted on first boot. If you’d like to have a system using zfs and encryption please install using Ubuntu 22.04.1 and then upgrade to Ubuntu 22.10.
The command-not-found indexes are out of date for some packages in the release pocket of the Ubuntu archive. This means that recommendations in the terminal with text like
Command 'kms-universal-planes' not found, but can be installed with: may be incorrect. An example of this can be found in (bug 1998001). Unfortunately, this issue was found after the release of Kinetic and is not easily fixable.
The dkms package is not currently able to sign kernel modules which it builds. This will affect fresh installations of systems with a Broadcom wireless device and that use secure boot. An update to dkms is currently in the works and a workaround is available.
While the official DSI display now produces output under the Full KMS graphics drivers, the touchscreen does not operate, and rotation of the screen is ignored. To enable rotation or touchscreen support, edit the
config.txtfile on your Raspberry Pi’s boot partition and change the line
dtoverlay=vc4-fkms-v3dto revert to the “Fake” KMS graphics stack (bug 1970603).
Various kernel modules have been moved from the
linux-modules-raspipackage in order to reduce the initramfs size. If you find an application failing due to missing kernel modules, please try
sudo apt install linux-modules-extra-raspi
The legacy camera stack (MMAL based) is no longer supported on arm64; libcamera is the supported method of using the Pi Camera Module on the arm64 architecture (the boot-time configuration will automatically load overlays for official modules; unofficial camera modules need the relevant overlay added to
config.txton the boot partition)
After initial user setup on the desktop image, several packages can still be autoremoved bug 1925265); run
sudo apt autoremove --purgeto work around this
Under the desktop image, while the new pipewire stack maintains the correct audio device across reboots on the Raspberry Pi (bug 1877194), an invalid audio device is now selected by default on the Raspberry Pi 400 (bug 1993316), and an inconvenient default is selected on the Raspberry Pi 4 (bug 1993347)
With the removal of the
crdapackage in 22.04, the method of setting the wifi regulatory domain (editing
/etc/default/crda) no longer operates. Use the new
regulatory-domainoption in the netplan configuration (bug 1951586)
Under the desktop image, the default totem video player will not open videos by default (bug 1969512);
sudo apt install vlcto install an alternate video player which operates correctly
The release notes for the official flavours can be found at the following links:
- Kubuntu Release Notes
- Lubuntu Release Notes
- Ubuntu Budgie Release Notes
- Ubuntu MATE Release Notes
- Ubuntu Studio Release Notes
- Ubuntu Unity Release Notes
- Xubuntu Release Notes
Your comments, bug reports, patches and suggestions will help fix bugs and improve the quality of future releases. Please report bugs using the tools provided. If you want to help out with bugs, the Bug Squad is always looking for help.
If you would like to help shape Ubuntu, take a look at the list of ways you can participate at:
You can find out more about Ubuntu on the Ubuntu website.
To sign up for future Ubuntu development announcements, please subscribe to Ubuntu’s development announcement list at: