Ubuntu’s Meltdown/Spectre wiki as well as their Meltdown/Spectre press release indicate the versions of Ubuntu patched for this issue. Part of the general problem is servers that should be maintained in the cloud are instead running in a closet without maintenance.
A modern more robust approach:
- Consider virtualization where possible, with remote staff dedicated to patches and maintenance
- for long-term survivability of custom code assets, use OS-agnostic coding methods with modern build systems such as CMake.
- Use continuous integration with unit tests and integration tests
- common version control across code products
Registration tests are a first step on wrangling the dataflow lifecycle. Registration tests + continuous integration add meaningful testing across OS & compiler versions, monitoring edge cases that break. Driving toward unit tests incrementally as warranted allow minimal upfront expenditure.