nodejs · mhdawson · Jan 8, 2018 · Jan 8, 2018 · Jan 8, 2018 · Jan 8, 2018
diff --git a/locale/ar/index.md b/locale/ar/index.md
@@ -1,7 +1,7 @@
 ---
 layout: index.hbs
 labels:
-  banner: Spectre and Meltdown in the context of Node.js - no current action required.
+  banner: Spectre and Meltdown in the context of Node.js.
   current-version: الاصدار الحالي
   download: تحميل
   download-for: تحميل النسخة الخاصة ب

diff --git a/locale/ca/index.md b/locale/ca/index.md
@@ -1,7 +1,7 @@
 ---
 layout: index.hbs
 labels:
-  banner: Spectre and Meltdown in the context of Node.js - no current action required.
+  banner: Spectre and Meltdown in the context of Node.js.
   current-version: Versió actual
   download: Descarregar
   download-for: Descarregar per

diff --git a/locale/de/index.md b/locale/de/index.md
@@ -1,7 +1,7 @@
 ---
 layout: index.hbs
 labels:
-  banner: Spectre and Meltdown in the context of Node.js - no current action required.
+  banner: Spectre and Meltdown in the context of Node.js.
   current-version: Aktuelle Version
   download: Download
   download-for: Herunterladen für

diff --git a/locale/en/blog/vulnerability/jan-2018-spectre-meltdown b/locale/en/blog/vulnerability/jan-2018-spectre-meltdown
@@ -9,16 +9,34 @@ author: Michael Dawson
 
 # Summary
 
-Project zero has recently announced some new attacks that have received a lot of attention: https://googleprojectzero.blogspot.ca/2018/01/reading-privileged-memory-with-side.html.
-
-The risk from these attacks to systems running Node.js resides in the systems in which your Node.js applications run, as opposed to the Node.js runtime itself. The trust model for Node.js assumes you are running trusted code and does not provide any separation between code running within the runtime itself. Therefore, untrusted code that would be necessary to execute these attacks in Node.js could already affect the execution of your Node.js applications in ways that are more severe than possible through these new attacks.
-
-This does not mean that you don't need to protect yourself from these new attacks when running Node.js applications. To do so, apply the security patches for your operating system. You do not need to update the Node.js runtime.
+Project zero has recently announced some new attacks that have received a
+lot of attention:
+https://googleprojectzero.blogspot.ca/2018/01/reading-privileged-memory-with-side.html.
+
+The risk from these attacks to systems running Node.js resides in the
+systems in which your Node.js applications run, as opposed to the
+Node.js runtime itself. The trust model for Node.js assumes you are
+running trusted code and does not provide any separation between code
+running within the runtime itself. Therefore, untrusted code that
+would be necessary to execute these attacks in Node.js could already
+affect the execution of your Node.js applications in ways that
+are more severe than possible through these new attacks.
+
+This does not mean that you don't need to protect yourself from
+these new attacks when running Node.js applications. If an attacker
+manages to run malicious code on an upatched OS (whether using
+javascript or something else) they may be able to access memory and or
+data that they should not have access to.  In order to protect yourself
+from these cases, apply the security patches for your operating
+system. You do not need to update the Node.js runtime.
 
 # Contact and future updates
 
 The current Node.js security policy can be found at https://nodejs.org/en/security/.
 
 Please contact security@nodejs.org if you wish to report a vulnerability in Node.js.
 
-Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the [nodejs GitHub organisation](https://github.com/nodejs/).
+Subscribe to the low-volume announcement-only nodejs-sec mailing list at
+https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date
+on security vulnerabilities and security-related releases of Node.js and
+the projects maintained in the [nodejs GitHub organisation](https://github.com/nodejs/).
diff --git a/locale/en/index.md b/locale/en/index.md
@@ -1,7 +1,7 @@
 ---
 layout: index.hbs
 labels:
-  banner: Spectre and Meltdown in the context of Node.js - no current action required.
+  banner: Spectre and Meltdown in the context of Node.js.
   current-version: Current Version
   download: Download
   download-for: Download for

diff --git a/locale/es/index.md b/locale/es/index.md
@@ -1,7 +1,7 @@
 ---
 layout: index.hbs
 labels:
-  banner: Spectre and Meltdown in the context of Node.js - no current action required.
+  banner: Spectre and Meltdown in the context of Node.js.
   current-version: Versión Actual
   download: Descargar
   download-for: Descargar para

diff --git a/locale/fr/index.md b/locale/fr/index.md
@@ -1,7 +1,7 @@
 ---
 layout: index.hbs
 labels:
-  banner: Spectre and Meltdown in the context of Node.js - no current action required.
+  banner: Spectre and Meltdown in the context of Node.js.
   current-version: Version actuelle
   download: Téléchargements
   download-for: Téléchargements pour

diff --git a/locale/gl/index.md b/locale/gl/index.md
@@ -1,7 +1,7 @@
 ---
 layout: index.hbs
 labels:
-  banner: Spectre and Meltdown in the context of Node.js - no current action required.
+  banner: Spectre and Meltdown in the context of Node.js.
   current-version: Versión Actual
   download: Descargar
   download-for: Descargar para

diff --git a/locale/it/index.md b/locale/it/index.md
@@ -1,7 +1,7 @@
 ---
 layout: index.hbs
 labels:
-  banner: Spectre and Meltdown in the context of Node.js - no current action required.
+  banner: Spectre and Meltdown in the context of Node.js.
   current-version: Versione corrente
   download: Download
   download-for: Download per

diff --git a/locale/ja/index.md b/locale/ja/index.md
@@ -1,7 +1,7 @@
 ---
 layout: index.hbs
 labels:
-  banner: Spectre and Meltdown in the context of Node.js - no current action required.
+  banner: Spectre and Meltdown in the context of Node.js.
   current-version: 最新のバージョン
   download: ダウンロード
   download-for: ダウンロード

diff --git a/locale/ko/index.md b/locale/ko/index.md
@@ -1,7 +1,7 @@
 ---
 layout: index.hbs
 labels:
-  banner: Spectre and Meltdown in the context of Node.js - no current action required.
+  banner: Spectre and Meltdown in the context of Node.js.
   current-version: 현재 버전
   download: 다운로드
   download-for: 다운로드 -

diff --git a/locale/uk/index.md b/locale/uk/index.md
@@ -1,7 +1,7 @@
 ---
 layout: index.hbs
 labels:
-  banner: Spectre and Meltdown in the context of Node.js - no current action required.
+  banner: Spectre and Meltdown in the context of Node.js.
   current-version: Поточна версія
   download: Завантажити
   download-for: Завантажити для

diff --git a/locale/zh-cn/index.md b/locale/zh-cn/index.md
@@ -1,7 +1,7 @@
 ---
 layout: index.hbs
 labels:
-  banner: Spectre and Meltdown in the context of Node.js - no current action required.
+  banner: Spectre and Meltdown in the context of Node.js.
   current-version: 当前版本
   download: 下载
   download-for: 下载为