I have a web facing server running nginx, php5-fpm and mysql / mariadb, It is still on 6.1. Remarkably I have a continuous uptime without incident of 150+ days. I understand the meltdown patch is available for 6.2. From a security standpoint how urgent is it that I upgrade and apply the patch?
Notably the webserver is a VPS not on bare metal. If my VPS provider is not patched against meltdown what difference would it make? Are virtual CPUs even susceptible to meltdown? I suspect not. But the underlying physical CPU would be.
