Cisco Confirms 88 Products Vulnerable to FragmentStack Bug, KDE neon Rebased on Ubuntu 18.04 LTS, GNOME 3.30.1 Released, Rust Announces Version 1.29.1 and Mozilla Launches Firefox Monitor
News briefs for September 26, 2018.
Cisco confirms that 88 of its products that rely on the Linux kernel are vulnerable to the FragmentStack bug. According to ZDNet, "the bug can saturate a CPU's capacity when under a low-speed attack using fragmented IPv4 and IPv6 packets, which could cause a denial-of-service condition on the affected device." Affected products include "Nexus switches, Cisco IOS XE software, and equipment from its lines of Unified Computing and Unified Communications brands, several TelePresence products, and a handful of wireless access points."
The KDE neon team announces the rebase of its packages onto Ubuntu 18.04 LTS "Bionic Beaver" and encourages users to upgrade now. You also can download a clean installation from here.
The Rust Team yesterday announced Rust
1.29.1. This new version fixes a security vulnerability in the standard
library "where if a large number was passed to
str::repeat, it could cause a
buffer overflow after an integer overflow. If you do not call the
str::repeat, function you are not affected." See the release
notes on GitHub for all the details.
Limited Time Offer
Take Linux Journal for a test drive. Download our September issue for FREE.
Topic of the Week
The cloud has become synonymous with all things data storage. It additionally equates to the many web-centric services accessing that same back-end data storage, but the term also has evolved to mean so much more.