Noble Numbat Release Notes

Table of Contents

• Introduction
• New features in 24.04 LTS
• Known Issues
• Official flavours
• More information

Introduction

These release notes for Ubuntu 24.04 (Noble Numbat) provide an overview of the release and document the known issues with Ubuntu and its flavours.

Support lifespan

Ubuntu 24.04 will be supported for 5 years until June 2029. If you need Long Term Support, we recommend you use Ubuntu 22.04 LTS instead.

New features in 24.04 LTS

Updated Packages

Linux kernel

Ubuntu 24.04 includes the new 6.x Linux kernel that brings many new features.

Notable upstream changes:

• […]

Notable Ubuntu-specific changes:

• […]

systemd

Netplan

Toolchain Upgrades

• GCC was updated to the […]
• Python now defaults to version […]
• Perl at version […]
• LLVM now defaults to version […]
• Rust toolchain defaults to version […]

OpenJDK

.NET

golang

Security Improvements

Ubuntu Desktop

Installer and Upgrades

• The default Ubuntu Desktop installation is now minimal. There is still an “Expanded installation” option for those who prefer to have applications like LibreOffice and Thunderbird installed for the first boot. (The “Full” option is still the default with the legacy Desktop installer.)

• We are reintroducing support for ZFS guided installations, enhancing the flexibility and choices available for your storage management needs. This is a new implementation in the Subiquity-based installers, and is without encryption by default. The encrypted ZFS guided option will be developed in a future release.

• Starting with Ubuntu 23.10, TPM-backed full-disk encryption (FDE) is introduced as an experimental feature, building on years of experience with Ubuntu Core. On supported platforms, you no longer need to enter passphrases at boot manually. Instead, the TPM securely manages the decryption key, providing enhanced security against physical attacks. This new feature streamlines the user experience and offers additional layers of security, especially in enterprise environments. However, the traditional passphrase-backed FDE is still available for those who prefer it. We invite users to experiment with this new feature, although caution is advised as it’s still experimental. More details in the TPM-backed Full Disk Encryption is coming to Ubuntu blog post. Do not hesitate to report bugs in Launchpad against the ubuntu-desktop-installer project.

  Known limitations:

  • Requires TPM 2.0.
  • Only a limited set of hardware is supported.
  • No external kernel-modules support. For example, no support of NVIDIA graphics cards.

• The configuration file, /etc/netplan/01-network-manager-all.yaml (which specifies Network Manager as the Netplan renderer), has been moved to /lib/netplan/00-network-manager-all.yaml to reflect that it should not be edited. Also, it is now owned by the ubuntu-settings package. For upgraders, the move is be performed automatically and the old file removed if it was unchanged. If it was changed, the move still takes place, but a copy of the old file is left in /etc/netplan/01-network-manager-all.yaml.dpkg-backup (LP: #2020110).

• NetworkManager now uses Netplan as its default settings-storage backend. On upgrade, all connection profiles from /etc/NetworkManager/system-connections/ are transparently migrated to /etc/netplan/90-NM-*.yaml and become ephemeral, Netplan-rendered connection profiles in /run/NetworkManager/system-connections/. Backups of the original profiles are automatically created in /var/lib/NetworkManager/backups/ (read more at NetworkManager YAML settings backend and LP: #1985994).

• ADSys Active Directory Certificates auto-enrollment: Windows Server offers a solution for auto-enrolling certificates using Group Policies. This interacts with Certificate Enrollment Services by Microsoft and works seamlessly with Windows clients.

  ADSys introduces AD certificates auto-enrollment to streamline connecting to corporate Wi-Fi and VPN networks. Automated enrollment eliminates the need for manual interactions with the certificate authority, such as pre-creating certificates. This simplifies IT administration and minimises security risks associated with managing sensitive data.

• The installer is now able to update itself and will prompt the user to update in the very early stages of the installation if a newer version is available.

New Store

• There is a brand new Ubuntu App Center that replaces the previous Snap Store. The application has been written from scratch using the Flutter toolkit.

• There is also a new standalone Firmware Updater application. This provides the possibility to update firmware without needing to have a full app store running continuously in the background.

GNOME

• GNOME has been updated to include new features and fixes from the latest GNOME release, GNOME XX.

Updated Ubuntu font

Updated Applications

• Firefox XY
  • Firefox is a native Wayland application for this Ubuntu release.
• LibreOffice X.Y
• Thunderbird X.Y “Supernova”

Updated Subsystems

Ubuntu Server

Apache2

Django

Docker

Containerd

Runc

Samba

QEMU

libvirt

OpenLDAP

sssd

Subiquity

OpenStack

Platforms

Public Cloud

All

AWS EC2

How to report any issues resulting from these changes

If you notice any unexpected changes or bugs in the minimal images, create a new bug in cloud-images.

Raspberry Pi

RISC-V

StarFive VisionFive 2

IBM Z and LinuxONE

Known Issues

As is to be expected with any release, there are some significant known bugs that users may encounter with this release of Ubuntu. The ones we know about at this point (and some of the workarounds) are documented here, so you don’t need to spend time reporting these bugs again:

General

• The Live Session of the new Ubuntu Desktop installer is not localized. It is still possible to perform a non-English installation using the new installer, but internet access at install time is required to download the language packs. Should this be an issue, use the legacy installer images. (LP: #2013329)

• Systems where the /boot directory is located on the XFS file system may not boot correctly if they have many files in a single directory below /boot. This is being tracked in (LP: #2039172).

• When upgrading to Mantic, it fails to install snap firmware-updater. (LP: #2039172).

Linux kernel

• Nothing yet

Ubuntu Desktop

• The Ubuntu Desktop images are labelled as 23.10.1 instead of 23.10 due to the installer translation incident as mentioned here. The contents of 23.10.1 are the same as any other image with the exception of shipping a newer ubuntu-desktop-installer.

• The Try Ubuntu environment is not translated with the new Desktop Installer (LP: #2013329).

• Screen-reader support is present with the new desktop installer, but is incomplete. We recommend that people who need screen-reader support to install Ubuntu continue to use the legacy installer (#2343).

• Application icons don’t use the correct High Contrast theme when High Contrast is enabled (LP: #2013107).

• Incompatibility between TPM-backed Full Disk Encryption and Absolute: TPM-backed Full Disk Encryption (FDE) has been introduced to enhance data security. However, it’s important to note that this feature is incompatible with Absolute (formerly Computrace) security software. If Absolute is enabled on your system, the machine will not boot post-installation when TPM-backed FDE is also enabled. Therefore, disabling Absolute from the BIOS is recommended to avoid booting issues.

• Hardware-Specific Kernel Module Requirements for TPM-backed Full Disk Encryption: TPM-backed Full Disk Encryption (FDE) requires a specific kernel snap which may not include certain kernel modules necessary for some hardware functionalities. A notable example is the vmd module required for NVMe RAID configurations. In scenarios where such specific kernel modules are indispensable, the hardware feature may need to be disabled in the BIOS (such as RAID) to ensure the continued availability of the affected hardware post-installation. If disabling in the BIOS is not an option, the related hardware will not be available post-installation with TPM-backed FDE enabled.

• FDE specific bug reports.

• The installer re-launches itself with the version shipped on the ISO instead of the latest version after updating it through its refresh mechanism (#2377).

Ubuntu Server

In some situations, it is acceptable to proceed with an offline installation when the mirror is inaccessible. In this scenario, it is advised to use:

apt:
  fallback: offline-install

GRUB

GRUB 2.12 as included in mantic regresses support for UEFI HTTP boot. We anticipate this being corrected in a subsequent package update. Since the netboot tarball provided in Ubuntu 23.10 does not include this functionality, users who need UEFI HTTP boot support are recommended to use the netboot tarball from Ubuntu 23.04 instead.

Platforms

Cloud Images

All

• A change in systemd 253.5-1ubuntu1 resulted in unexpected UDP listening port 5353.
  The work to no longer listen on this port is being tracked @ Bug #2038894 “Ubuntu 23.10 cloud images unexpected UDP listening...” : Bugs : cloud-images

Microsoft Azure

• On Azure arm64 instances, the systemd service systemd-modules-load.service sometimes fails to load on first boot due to a Timeout error. All the kernel modules appear to be correctly loaded and this issue doesn’t seem to impact the OS. Users can manually reload this service by running systemctl restart systemd-modules-load.service in case they notice that something is wrong.
  • This is being actively investigated

ppcel64 images on cloud-images.ubuntu.com

• an issue in livecd-rootfs causes snaps to not be properly pre-seeded, causing slower boot times (LP:2038957)

Raspberry Pi

• During the installation process on the desktop image, the slides shown during installation appear corrupted on the Pi 4 (but not the Pi 5). The issue is cosmetic and does not affect the installation itself (LP: #2037015)

• With some monitors connected to a Raspberry Pi, it is possible that a monitor powers off after a period of inactivity but then powers back on and shows a black screen. Investigation into the types of monitors affected is ongoing in LP: #1998716.

• Various kernel modules have been moved from the linux-modules-raspi package to reduce the initramfs size. If you find an application failing due to missing kernel modules, try sudo apt install linux-modules-extra-raspi.

• The legacy camera stack (MMAL based) is not supported on arm64; libcamera is the supported method of using the Pi Camera Modules on the arm64 architecture (the boot-time configuration automatically loads overlays for official modules; unofficial camera modules need the relevant overlay added to the config.txt file on the boot partition). Additional patches required for Raspberry Pi 5 compatibility are planned for SRU after release (LP: #2037642)

• With the removal of the crda package in 22.04, the method of setting the wifi regulatory domain (editing /etc/default/crda) no longer operates. On server images, use the regulatory-domain option in the Netplan configuration. On desktop images, append cfg80211.ieee80211_regdom=GB (substituting GB for the relevant country code) to the kernel command line in the cmdline.txt file on the boot partition (LP: #1951586).

RISC-V

• Wifi for the StarFive VisionFive board does not work in this image (LP: #2037065).

• The unmatched image does not boot on Unmatched systems due to a missing bootloader. It is still provided as part of the beta for use under QEMU (LP: #2037060).

s390X

Nothing yet.

Official flavours

Find the release notes for the official flavours at the following links:

• Edubuntu Release Notes
• Kubuntu Release Notes
• Lubuntu Release Notes
• Ubuntu Budgie Release Notes
• Ubuntu MATE Release Notes
• Ubuntu Studio Release Notes
• Ubuntu Unity Release Notes
• Xubuntu Release Notes
• Ubuntu Kylin Release Notes
• Ubuntu Cinnamon Release Notes

More information

Reporting bugs

Your comments, bug reports, patches and suggestions help fix bugs and improve the quality of future releases. Please report bugs using the tools provided. If you want to help with bugs, the Bug Squad is always looking for help.

What happens if there is a high or critical priority CVE during release day?

Server, Desktop and Cloud plan to release in lockstep on release day, but there are some exceptions.

In the unlikely event that a critical or high-priority CVE is announced on release day, the release team have agreed on the following plan of action:

• For critical priority CVEs, the release of Server, Desktop and Cloud will be blocked until new images can be built addressing the CVE.

• For high-priority CVEs, the decision to block release will be made on a per-product (Server, Desktop and Cloud) basis and will depend on the nature of the CVE, which might result in images not being released on the same day.

This was discussed in the ubuntu–release mailing list March/April 2023.

The mailing list thread also confirmed there is no technical or policy reason why a package cannot be pushed to the Updates or Security pocket to address high or critical-priority CVEs prior to the release.

Participate in Ubuntu

If you would like to help shape Ubuntu, look at the list of ways you can participate at community.ubuntu.com/contribute.

More about Ubuntu

You can find out more about Ubuntu on the Ubuntu website.

To sign up for future Ubuntu development announcements, subscribe to Ubuntu’s development announcement list at ubuntu-devel-announce.