News briefs for March 7, 2018.

If you are running a version of Exim earlier than version 4.90.1, update now. There is a buffer overflow in base64d() of the open-source Exim MTA (message transfer agent) that allows attackers to run code remotely, as reported on nixCraft, which also notes that "at least 400k servers are at risk".

ZDNet reports today that GitHub has open-sourced Licensed, a program to make open-source licensing easier: "Licensed will help developers efficiently use their code's open-source licensing by spotting potential problems with a program's dependency license early in its development cycle."

The Khronos Group released Vulkan 1.1 today, "the first major update to this high-performance graphics/compute API since the initial Vulkan 1.0 release two years ago", according to Phoronix. NVIDIA's Vulkan beta drivers are available for Linux and Windows here.

Last week we reported on the GitHub DDoS attack, and it appears that memcached attacks continue to increase. There are simple fixes, according to The Register: "notably blocking off UDP traffic from Port 11211, which is the default avenue for traffic from memcached servers. In addition, the operators of memcached servers need to lock down their systems to avoid taking part in such denial of service attacks."

KaOS, an independent distribution focused on Qt and KDE, announced its new major version release, 2018.03, featuring an updated toolchain, KDE Plasma 5.12.2 LTS, along with the KDE Applications 17.12.2 and KDE Frameworks 5.43.0 software suites built on Qt 5.10.1. In addition, Falkon has replaced Qupzilla as the default web browser.