Ubuntu's infrastructure has been down for more than 24 hours, and the outage is blocking the distribution of security information about a critical vulnerability.
The flaw grants root access — the highest privilege level on a Unix-like system. Because Ubuntu's own servers are offline, the security team cannot publish an advisory, release patches, or communicate the severity to system administrators. Users relying on Ubuntu servers are currently unable to receive updates or even learn what they're exposed to.
This creates a dangerous window: there's a known, serious vulnerability with no public information about how to mitigate it. Admins can't patch what they don't know affects them. The longer the outage persists, the longer production systems remain exposed.
It's a particularly awkward position for Canonical — having a critical vulnerability and no way to tell anyone about it.