Indeni considers this vulnerability as a low severity issue due to the fact that all Indeni servers are located behind firewalls that are meant to prevent access to them by hackers. However, it's best practice to patch your system regardless of where the Indeni system resides.
6.0 PATCH INSTRUCTIONS
1. Indeni 6.0 needs to be patched using "sudo apt-get update; sudo apt-get upgrade"
2. When it asks to update the sudoer setting, select the default "N" option and continue.
The patch details can be found at:
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown
https://usn.ubuntu.com/usn/usn-3522-2/
Please Note: There have been reports that kernel image 4.4.0-108 will cause Ubuntu to no longer load, but has been resolved on 4.4.0-109. We are currently testing this, so do not update your indeni server until we confirm continued functionality on the latest kernel image. Feel free to follow this post to get regular updates on where Indeni stands on the issue and when we announce that it is safe to update the system.
5.5 PATCH INSTRUCTIONS
A patch for indeni 5.5 is available at meltdown.tgz. The update procedure is:
1. Copy the file to /tmp on the indeni server.
2. SSH into the indeni server and perform, or copy/paste the following:
# get root access
sudo -i
# extract the patch
cd /tmp
tar xzvf meltdown.tgz
# run patch
cd meltdown
./deploy-patches.sh
# Reply with "Yes" to run the patch
# stop the service after applying the patch
service indeni4it stop
# reboot from new kernel
reboot