Hello,

I would like to say that I disagree with this change.

Not because I think that the mitigations are good enough. It is a little bit more complex:

* I do not think that we can generally say that mitigations are bad. Some are pretty much solid fixes. Some are quite the opposite. That means that some should be rather green and some others should be rather red. Making them all orange is not suitable from my point of view.

* I do not want to scare our users. Yes, their hardware might be broken. But there is no point in changing this now with something very similar. There is no good hardware out there that performs at the same time. I do not want to spread the view that IPFire is only broken because we show this information.

Therefore I am kind of okay with the blue. It does not really send a message. The message is complex. I could write half a book about it.

What are other people’s views on this?

-Michael

On 10 Jun 2019, at 20:24, Peter Müller peter.mueller@ipfire.org wrote:

A mitigated (CPU) vulnerability is still present and might be just harder to exploit. Using blue as colour for them does not illustrate their dangerousness - orange is a better choice as far as I am concerned.

Scaring people away from Intel processors will be a completely unintended side effect. :-)

Signed-off-by: Peter Müller peter.mueller@ipfire.org

html/cgi-bin/vulnerabilities.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/html/cgi-bin/vulnerabilities.cgi b/html/cgi-bin/vulnerabilities.cgi index a8746c30c..21d963618 100644 --- a/html/cgi-bin/vulnerabilities.cgi +++ b/html/cgi-bin/vulnerabilities.cgi @@ -129,7 +129,7 @@ for my $vuln (sort keys %VULNERABILITIES) { } elsif ($status eq "Mitigation") { $status_message = $Lang::tr{'mitigated'}; $colour = "white";

• $bgcolour = ${Header::colourblue};
  

• $bgcolour = ${Header::colourorange};
  
  

  # Unknown report from kernel } else {

-- 2.16.4