Cisco Confirms 88 Products Vulnerable to FragmentStack Bug, KDE neon Rebased on Ubuntu 18.04 LTS, GNOME 3.30.1 Released, Rust Announces Version 1.29.1 and Mozilla Launches Firefox Monitor

News briefs for September 26, 2018.

Cisco confirms that 88 of its products that rely on the Linux kernel are vulnerable to the FragmentStack bug. According to ZDNet, "the bug can saturate a CPU's capacity when under a low-speed attack using fragmented IPv4 and IPv6 packets, which could cause a denial-of-service condition on the affected device." Affected products include "Nexus switches, Cisco IOS XE software, and equipment from its lines of Unified Computing and Unified Communications brands, several TelePresence products, and a handful of wireless access points."

The KDE neon team announces the rebase of its packages onto Ubuntu 18.04 LTS "Bionic Beaver" and encourages users to upgrade now. You also can download a clean installation from here.

GNOME 3.30.1 has been released. This release contains only bugfixes. If you want to compile it, you can use the BuildStream project snapshot. See the list of updated modules and changes here.

The Rust Team yesterday announced Rust 1.29.1. This new version fixes a security vulnerability in the standard library "where if a large number was passed to str::repeat, it could cause a buffer overflow after an integer overflow. If you do not call the str::repeat, function you are not affected." See the release notes on GitHub for all the details.

Mozilla yesterday launched Firefox Monitor, a free service that alerts you if you've been part of a data breach. Enter your email at Firefox Monitor for a basic scan.

Jill Franklin is an editorial professional with more than 17 years experience in technical and scientific publishing, both print and digital. As Executive Editor of Linux Journal, she wrangles writers, develops content, manages projects, meets deadlines and makes sentences sparkle. She also was Managing Editor for TUX and Embedded Linux Journal, and the book Linux in the Workplace. Before entering the Linux and open-source realm, she was Managing Editor of several scientific and scholarly journals, including Veterinary Pathology, The Journal of Mammalogy, Toxicologic Pathology and The Journal of Scientific Exploration. In a previous life, she taught English literature and composition, managed a bookstore and tended bar. When she’s not bugging writers about deadlines or editing copy, she throws pots, gardens and reads. You can contact Jill via e-mail, ljeditor@linuxjournal.com.

Load Disqus comments