25.04 release notes

Landscape 25.04 runs on Ubuntu 24.04 LTS Noble Numbat or 22.04 LTS Jammy Jellyfish. Database schema changes are required to upgrade to Landscape Server 25.04.

You can now access Landscape 25.04 in our latest-stable rolling release PPA: ppa:landscape/latest-stable.

Note that 25.04 is not an LTS release. For self-hosted production deployments, we recommend using an LTS release, such as Landscape Server 24.04 LTS, which come with 10 years of support.

Highlights

  • Security Profiles: Monitor up to 1000 compatible clients for CIS and DISA-STIG benchmark standards compliance using the Ubuntu Security Guide, including the ability to attempt automatic compliance fixes. Customize your benchmarks with tailoring files, collect compliance data over time and retain it for future reference or auditing purposes.

Security profiles screen

  • Script Profiles: Manage event-based, scheduled, and recurring script execution on clients. Scripts can be executed on groups of clients as one-off or recurring actions, or in response to events such as Landscape registration.

Script profiles screen

  • Reboot Profiles: Issue reboot commands to groups of clients on a regular schedule, ensuring that upgrades that require reboot are properly applied. Apply an expiration time limit to reboot activities and randomize delivery times to avoid rebooting all instances simultaneously.

Reboot profiles screen

  • Client Sanitization: Remotely and securely wipe data on compatible clients.

Client sanitization screen

Additional Updates

  • Ability to invalidate issued JSON Web Tokens

  • Faster reporting of Extended Security Maintenance packages

  • Logfile permissions are now CIS-compliant

  • MD5 hashing uses are now FIPS-compliant

  • Added ability to delete WSL child instances

  • Message System performance improvements

Upgrade

There are no specific upgrade steps for this version. You can follow the existing guide to upgrade: How to upgrade your Landscape server.

Bug fixes

  • Allow for clearing of tags from Child Instance Profiles

  • Automatically recover database connections if connection issues occur

  • Better accounting of Ubuntu Pro free tokens

  • Improved script handling of carriage returns

  • Improved logging of package-search issues

  • Better whitespace handling in search query strings

  • API requests no longer hang on some malformed paths

  • Running profiles will now succeed even if alert updates do not

  • Clients reporting Invalid large package sizes will not cause a crash

  • Logfile is now more resilient

  • Event Log API permissions are now stricter

  • Instance Access Group API permissions are now stricter

  • Permissions errors no longer result in blank elements in web portal

  • Repository mirror pockets can now have their “Origin” set via the API