Merge pull request #180 from YunoHost/meltdown-spectre

[enh] display warning and instruction to fix meltdown vulnerability
2024-09-03 20:06:15 +02:00 · 2018-01-13 22:31:00 +01:00 · 2018-01-13 22:31:00 +01:00 · d690d6c91a
commit d690d6c91a
parent 2d1678a468 c7cc4884c5
2 changed files with 8 additions and 0 deletions
--- a/src/js/yunohost/controllers/home.js
+++ b/src/js/yunohost/controllers/home.js
@ -71,6 +71,13 @@
                c.flash('fail', y18n.t('error_retrieve_feed', [securityFeed]));
            });

+            c.api("/diagnosis", function(data) {
+                console.log(data);
+                if (data.security["CVE-2017-5754"].vulnerable) {
+                    c.flash('danger', y18n.t('meltdown'));
+                }
+            });
+
            c.view('home');
        });
    });
--- a/src/locales/en.json
+++ b/src/locales/en.json
@ -343,6 +343,7 @@
    "install_letsencrypt_cert" : "Install a Let's Encrypt certificate",
    "manually_renew_letsencrypt_message" : "Certificate will be automatically renewed during the last 15 days of validity. You can manually renew it if you want to. (Not recommended).",
    "manually_renew_letsencrypt" : "Manually renew now",
+    "meltdown" : "You are vulnerable to the <a target=\"_blank\" href=\"https://meltdownattack.com/\">meltdown</a> critical security vulnerability. To fix that, you need to <a href=\"#/update\">update your system</a> then <a href=\"#/tools/reboot\">reboot it</a> to load the new linux kernel.",
    "regenerate_selfsigned_cert_message" : "If you want, you can regenerate the self-signed certificate.",
    "regenerate_selfsigned_cert" : "Regenerate self-signed certificate",
    "revert_to_selfsigned_cert_message" : "If you really want to, you can reinstall a self-signed certificate. (Not recommended)",