Application Security This Week for October 28

A flaw in X.Org is exploitable with a tweet sized attack.

https://lists.x.org/archives/xorg-announce/2018-October/002927.html

https://hacker.house/releasez/expl0itz/openbsd-0day-cve-2018-14665.sh

A malformed IPv6 packet can take over a Linux box. Thanks, SystemD.

https://www.theregister.co.uk/2018/10/26/systemd_dhcpv6_rce/

Twelve malicious Python libraries were found and removed from PyPi.

https://www.zdnet.com/article/twelve-malicious-python-libraries-found-and-removed-from-pypi/

And that’s the news!