Eric Jacksch 

@ubuntu are you serious?

You've published a *critical* arbitrary code execution advisory for traceroute on the current LTS version of Ubuntu (22.04) and you're only releasing the fix as part of paid "Expanded Security Maintenance" ?

Traceroute has been a standard UNIX/Linux utility since before Ubuntu existed. I understand that, as a company, you need to make money, but this is shameful.

Do bash, sshd, and the kernel fall into ESM next?

https://ubuntu.com/security/notices/USN-6478-1

USN-6478-1: Traceroute vulnerability | Ubuntu security notices | Ubuntu

Ubuntu is an open source software operating system that runs from the desktop, to the cloud, to all your internet connected things.

Ubuntu
Nov 20, 2023 at 1:34pmWeb