Updating shared environments with latest speculative execution attack mitigations
Incident Report for Aptible
This incident has been resolved.
Posted Aug 26, 2020 - 10:39 EDT
To protect our customers’ shared environments against speculative execution and branch prediction vulnerabilities (Spectre), our Reliability Team will be re-launching customer containers and utility services (e.g., build instances, ephemeral SSH servers) in the following in shared environments between 10am and 6pm on Tuesday, September 1st.

• App instances
• Build instances (where Docker images are built)
• Bastion instances (where ephemeral `aptible ssh` containers run)

The new EC2 instances have been updated to the latest Linux kernel, which contains additional mitigations and fixes against some variants of these attacks. Instances in shared environments where arbitrary code may be run are the most vulnerable and have been prioritized for replacement.

The replacement operation should incur no downtime for your apps, but will require that we run `aptible restart` (a zero downtime operation) on each app in your shared environments. There will be no impact on dedicated stacks during this maintenance.

We will continue to update this status page as we proceed with the replacement process on Tuesday.
Posted Aug 25, 2020 - 15:47 EDT
This incident affected: Aptible Deploy.