[USN-3769-2] Bind vulnerability


–===============6482318711349904165==
Content-Type: multipart/signed; micalg=”pgp-sha256″;
protocol=”application/pgp-signature”; boundary=”=-S77FvfvcWgWP7KiDHpZN”

–=-S77FvfvcWgWP7KiDHpZN
Content-Type: text/plain; charset=”UTF-8″
Content-Transfer-Encoding: quoted-printable

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Ubuntu Security Notice USN-3769-2
October 01, 2018

bind9 vulnerability
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 12.04 ESM

Summary:

Bind could be made to crash if it received specially crafted network
traffic.

Software Description:
– bind9: Internet Domain Name Server

Details:

USN-3769-1 fixed a vulnerability in Bind. This update provides
the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

=C2=A0It was discovered that Bind incorrectly handled the deny-answer-
=C2=A0aliases feature. If this feature is enabled, a remote attacker could
=C2=A0use this issue to cause Bind to crash, resulting in a denial of
=C2=A0service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
=C2=A0 bind9=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A01:9.8.1.dfsg.P1-4ubuntu0.26

In general, a standard system update will make all the necessary
changes.

References:
=C2=A0 https://usn.ubuntu.com/usn/usn-3769-2
=C2=A0 https://usn.ubuntu.com/usn/usn-3769-1
=C2=A0 CVE-2018-5740
–=-S77FvfvcWgWP7KiDHpZN
Content-Type: application/pgp-signature; name=”signature.asc”
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJbsjNWAAoJEEW851uECx9pL5cQAKQ4qnA7g71+qEwZvGgXC3BA
9xHltXJi/ecTFvUcA7KklhIcBsU2cbcKtAZ/m48R6YZhPdFZUpQ+kI1Oxf3NoN0u
Z5zyPtQ663ayAW8W8PfVxenCJ8webPuU2uvaz1drlc0Whz69lE5HCjygudUQHtCO
zlpYyoI6bAziBFnFTumg7KnyNx8Ct4AgsZHgZsyVal0hSfTamBz2iLzPTe7/9IPA
Kj0EShZmGfO7lffgcAG9y+2Gg78W7mZ1lHkTuaK54SaWhPm7Q4C1WRtYaS0dQ449
bQG5Iiog9VknFRM+X6u6ZmeJdKSYsqYZCOYoDZnRgA6uk0+4XPNHI229Y2cX9Pfj
GtaVAThGoeJzPnZNow4Fm0p62zRmQO1HGlaNQ60+cGp4M1COrms4A+q7+OArcTHe
4Yu6mwYDAV1Vri+rJgSZNvKSpaQ4q7vDTOPuh4qAMRic0cL+3cr55m4KX/8yAQCB
Dc2qWPJN2PF7OdXuvvqIf/bvzTeYWYyZL+0Jq6nclV93k1Wx6qQ5CkVNvyXo6jAE
6WjdzBPHDDGPLjffHwcGfYDF7Th3Wlvi6fFpi+kRn+BGs1gk2go3o/mLEDMZLDxp
KzqKFX38ydTGryZoSFrCPOu629Gs7K6EU7cfCyLn17p8dt1QaGSJuxslbiBxZWE+
H5gpfjXvpM5pCCBG8SSF
=lUqr
—–END PGP SIGNATURE—–

–=-S77FvfvcWgWP7KiDHpZN–

–===============6482318711349904165==
Content-Type: text/plain; charset=”utf-8″
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK

–===============6482318711349904165==–