Meltdown vulnerability


#1

Hello, (english below)

J’ai un message curieux depuis ce matin, avez vous une idée de sa provenance et surtout de ses conséquences ? De ce que j’en comprends, il manquerait un fichier JSON ?

I have this message display on my admin interface. It begin this morning. Don’t really know what i have to do. Some people i’ve idea of vulnerability ? or risk and how to fix it ?

Unable to check for meltdown vulnerability: Command output for failed meltdown check: 'We’re missing some kernel info (see -v), accuracy might be reduced We’re missing some kernel info (see -v), accuracy might be reduced [{“NAME”:“MELTDOWN”,“CVE”:“CVE-2017-5754”,“VULNERABLE”:false,“INFOS”:“your CPU vendor reported your CPU model as not vulnerable”}] ’

Something wrong happened when trying to diagnose Meltdown vunerability, exception: No JSON object could be decoded

Merci pour votre aide.
Thanks for your help.

Guillaume


#2

Sorry, that’s looks like a benign issue with the way yunohost interfaces with the metdown/spectre vulnerability checker. You’re actually not vulnerable (c.f. the message) - it just complais that it misses some kernel info which might reduce the accuracy …

We’ll look into it and provide a hotfix soon™


#3

Merci beaucoup pour cette avis, voilà qui est rassurant :slight_smile:


#4

(Le fix est dispo dans la 3.4.2.1)


#5

Merci beaucoup, quel réactivité :slight_smile: j’en ai déja fais une en début d’après midi
Merci