We provide security updates for the latest version of authd on each supported Ubuntu LTS release.
Ubuntu 26.04 LTS and later: authd is available directly from the Ubuntu archive.
Ubuntu 24.04 LTS and earlier supported LTS releases: authd is not in the Ubuntu archive and must be installed using the stable PPA.
See Install authd for installation instructions.
An edge PPA provides the latest development builds, but is not recommended for production use and does not receive security support.
If you are unsure of your version, please run the following command in a terminal to check which channel authd is installed from:
apt policy authdIf you discover a security vulnerability within this repository, we encourage responsible disclosure. Please report any security issues to help us keep authd secure for everyone.
The most straightforward way to report a security vulnerability is via GitHub.
For detailed instructions, please review the Privately reporting a security vulnerability documentation.
This method enables you to communicate vulnerabilities directly and confidentially with the authd maintainers.
The project's admins will be notified of the issue and will work with you to determine whether the issue qualifies as a security issue and, if so, in which component. We will then handle figuring out a fix, getting a CVE assigned and coordinating the release of the fix to the various Linux distributions.
The Ubuntu Security disclosure and embargo policy contains more information about what you can expect when you contact us, and what we expect from you.
- Go to the Security Advisories Page of the
authdrepository. - Click "Report a Vulnerability."
- Provide detailed information about the vulnerability, including steps to reproduce, affected versions, and potential impact.
- Canonical's Security Site
- Ubuntu Security disclosure and embargo policy
- Ubuntu Security Notices
- authd Documentation
If you have any questions regarding security vulnerabilities, please reach out to the maintainers via the aforementioned channels.