Update 2018-01-11 07:05
Openstack is now patched as well so all currently available patches for Meltdown and Spectre are now applied.
Update 2018-01-10 01:30
Patches for Openstack IaaS are now released. An emergency service windows will take place 2018-01-11 00:00-06:00 when we will install the update.
Update 2018-01-09 21:40
Still waiting for patches for the Openstack IaaS. ETA was today but it doesn't look like patches will be released today.
Update 2018-01-09 05:45
The update on Jelastic v2 (NEW) compute nodes was successful so the Jelastic PaaS update is now done.
Update 2018-01-07 13:00
The update on Jelastic v1 compute nodes last night was successful.
No new updates regarding Openstack and Jelastic v2 (NEW) compute nodes. ETA is still 2018-01-09.
Update 2018-01-06 18:40
A patch for the Jelastic platform v1 compute nodes has been released. We will update all compute nodes tonight starting 2018-01-07 01:00 and we plan to hava all nodes updated by 04:00. All nodes requires a reboot and the expected user environment downtime is 15 minutes.
The patches ETA is 2018-01-09 but we hope for an earlier release.
As soon as we get any additional information we will let you know.
The update will probably require a restart of environments and this will be schedules the night after patches are released.
We are still waiting for patches to be released before we can update the platform.
As a precaution we have stopped all signups to prevent any potential users that might want access to the platforms to use the exploit.
We are aware of recently disclosed exploits Meltdown and Spectre (CVE-2017-5754, CVE-2017-5753 and CVE-2017-5715), and monitor updates closely.
Once upstream updates are available we will proceed with emergency update on both OpenStack and Jelastic platforms. Emergency windows are expected to be announced later today.
In order for customers to be fully protected against this exploit, customers must also patch their instances. Upstream updates are expected to be available shortly. Images in OpenStack will be updated to include these patches.
No action required after emergency update is completed.