Ubuntu Livepatch is the service and the software that enables organizations to quickly patch vulnerabilities on the Ubuntu Linux kernels. Livepatch provides uninterrupted service while reducing fire drills during high and critical severity kernel vulnerabilities.
Livepatch is the client side software that runs on individual machines and periodically checks for the availability of kernel patches. Once a patch becomes available, it is downloaded, verified and applied to the current kernel.
Complex enterprise environments often follow policies that require a gradual roll-out of updates to reduce risk, or have high-security isolated environments that need to be updated. Livepatch on-prem allows an organization to define a rollout policy and remain in full control of which machines will get updated and when. To keep your machines up-to-date, the on-premises service regularly syncs with Livepatch hosted by Canonical and obtains the latest patches. It then deploys the patches gradually in as many stages as required.
|2||howitworks||How Livepatching works|
|2||notices||Livepatch Security Notices|
|3||on_prem/patch_storage/s3||Using S3 for patch storage|
|2||on_prem/patch_health||Patch Health reports|
|2||on_prem/upgrading||Upgrading a deployment|