This month's security alerts about the Meltdown and Spectre
vulnerabilities are already addressed by SUSE:

On SLES12 SP2 with patches to the 4.4.103-92.56.1 kernel
On SLES11 SP4 with patches to the 3.0.101-108.21.1 kernel
https://www.suse.com/security/cve/CVE-2017-5753/
+ of course other patches are needed

So that OES2015SP1 since about a week ago can be patched against these
CVEs.

However OES2018 does not use the SUSE repos for the base OS; instead it
gets updates from OES2018-SLES12-SP2-Updates. In this respect it is
more like a SLES appliance than previous releases. That and the move to
SLE12 I embrace as being good thing, although not without its teething
problems: I did successfully upgrade this from 2015SP1 with IDM 4.62
after a moderate struggle.

Right now though, my fully patched OES2018 test machine is only on
kernel 4.4.74-92.38.1 and so is not patchable against the Meltdown and
Spectre vulnerabilities (unlike its predecessor). The kernel version
marks this repository as being about 3 months behind the cusp of the
SLES12 SP2 repos.

I am hoping that the current lag between the SLES and OES_SLES repos is
not going to be a permanent one; at the moment, it is part of the
argument against upgrading live servers.

PaulK