The scheduled maintenance has been completed.

The scheduled maintenance is complete. A subset of shared apps and databases in us-east-1 must still be restarted; this will be done in a separate scheduled maintenance tomorrow. Check back here (status.aptible.com) for scheduling information.

Scheduled maintenance is currently in progress. We will provide updates as necessary.

Last week, a security vulnerability (CVE-2018-17182) in the Linux kernel was reported, and shortly thereafter a POC was posted that can achieve root privilege escalation: https://googleprojectzero.blogspot.com/2018/09/a-cache-invalidation-bug-in-linux.html

While our host configuration on Enclave prevents POCs like this one from being used successfully, we are nonetheless taking the precaution of upgrading the Linux kernel on all app, database, bastion and build instances in shared-tenancy stacks, to include the latest patches against this vulnerability.

The kernel upgrade process will involve restarting all databases in shared-tenancy stacks (this will result in ~1 minute downtime per database), then restarting all apps in shared-tenancy stacks (app restarts on Enclave are zero-downtime operations, so these restarts should be non-disruptive).

Apps and databases in dedicated stacks will NOT be affected by this maintenance.