Spectre & Meltdown - Kernel Side-Channel Attacks
Incident Report for amazee.io
Resolved
*Ubuntu LTS*
We successfully updated and patched all Ubuntu LTS Servers during the emergency Maintenance Window last Thursday.

With this all Servers at amazee.io are patched against Spectre & Meltdown.
Posted 6 days ago. Jan 15, 2018 - 13:31 CET
Update
*Ubuntu LTS*:
Our tests of the patched Ubuntu kernel are positive and we are conducting an Emergency Maintenance tonight during the same hours like usual Maintenance.
Posted 9 days ago. Jan 11, 2018 - 15:35 CET
Update
*RedHat Enterprise Linux:*
We successfully updated and patched all RedHat Enterprise Servers during the regular Maintenance Window last night.

*Ubuntu LTS*:
Ubuntu released Kernel Patches yesterday January 9th. We are currently conducting tests with these new kernels and are planning to conduct an emergency maintenance in the night of Thursday 11th to Friday 12th January. We will update as soon as we have more information.
Posted 10 days ago. Jan 10, 2018 - 16:00 CET
Identified
We are actively monitoring and update all our Server to mitigate the Spectre & Meltdown attacks.
At amazee.io we are running two different Operating Systems: Ubuntu LTS and RedHat Enterprise Linux.

*RedHat Enterprise Linux*
RedHat released updates for their systems: https://access.redhat.com/security/vulnerabilities/speculativeexecution
We are actively updating and patching all Servers with these patches. Current estimation is that this is finished within 24h.

*Ubuntu LTS*
Ubuntu has no official patches yet: https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown
As soon as patches are released we will start updating and patching all Servers.
Posted 11 days ago. Jan 09, 2018 - 18:48 CET
This incident affected: General (API, Deployment Infrastructure, Nameservers, dev1.compact), Germany (de1.compact), Finland (fi1.compact), USA (us2.compact), United Kingdom (uk1.compact), Switzerland (zh1.cluster, zh1.single, zh2.single, zh1.compact, zh2.cluster, zh2-compact), South Africa (sa1.compact), and on-premise servers.