The remote Debian host is missing a security-related update.
This update provides mitigations for the 'L1 Terminal Fault'vulnerability affecting a range of Intel CPUs. For additional information please refer to https://xenbits.xen.org/xsa/advisory-273.html. The microcode updates mentioned there are not yet available in a form distributable by Debian. In addition two denial of service vulnerabilities have been fixed (XSA-268 and XSA-269).
Upgrade the xen packages. For the stable distribution (stretch), these problems have been fixed in version 4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10.