Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Denial of Service in BIND
Aktuelle Meldungen Distributionen
Name: Denial of Service in BIND
ID: USN-3088-1
Distribution: Ubuntu
Plattformen: Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 16.04 LTS
Datum: Di, 27. September 2016, 23:15
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776

Originalnachricht

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============7057998982539495700==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="m4vuSVpRUtGPq4dsV9AsonUuanMQNuUkc"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--m4vuSVpRUtGPq4dsV9AsonUuanMQNuUkc
Content-Type: multipart/mixed;
boundary="8ciuXJAqf8QURwShQdBerVBG0A4WwvNsR"
From: Marc Deslauriers <marc.deslauriers@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: ubuntu-security-announce@lists.ubuntu.com
Message-ID: <f026224f-bdc6-93ef-9ab8-d7b2c63aee98@canonical.com>
Subject: [USN-3088-1] Bind vulnerability

--8ciuXJAqf8QURwShQdBerVBG0A4WwvNsR
Content-Type: text/plain; charset=utf-
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-3088-1
September 27, 2016

bind9 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

Bind could be made to crash if it received specially crafted network
traffic.

Software Description:
- bind9: Internet Domain Name Server

Details:

It was discovered that Bind incorrectly handled building responses to
certain specially crafted requests. A remote attacker could possibly use
this issue to cause Bind to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
bind9 1:9.10.3.dfsg.P4-8ubuntu1.1

Ubuntu 14.04 LTS:
bind9 1:9.9.5.dfsg-3ubuntu0.9

Ubuntu 12.04 LTS:
bind9 1:9.8.1.dfsg.P1-4ubuntu0.17

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-3088-1
CVE-2016-2776

Package Information:
https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.P4-8ubuntu1.1
https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-3ubuntu0.9
https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.P1-4ubuntu0.17



--8ciuXJAqf8QURwShQdBerVBG0A4WwvNsR--

--m4vuSVpRUtGPq4dsV9AsonUuanMQNuUkc
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJX6rWVAAoJEGVp2FWnRL6T+IcP/2m/wpREPXtwGIqlZ+vD54Gj
/jp5Ya9QoyrqgfdlgMKxEeEkkKixBUrt4AaJnmdYKPatAFDZypFqRj5ZAejtQqVX
57+ieQuohX5kKpDc03aiEJQLoh9xqbXc2FL9Rad1QD5fW4XENC5UzeoBqRd/TRdT
2o6zqY1QV5AwF3hw0YUUR6HMYYaldjkoIain8sEr3utGHQG01QPBn83YMJgjhW3I
ydUdttlHXzO0mIAiKEbLhq2gJompTakwIDuDYzO3nFM27pVn+n65JI/OJpt1knZU
yk3QZYo8UKiyGsk4WO01OQJ3lv+PvMmVwenGrXnfyQLi4ScYhhfkWoT8j3c8WZ0r
sye8jtCsgD3RRi4pwiD7o8i8r6Cr7L0Ohmn2DSS3nN5Dcz5YkRYpuEshx19MzS3P
Y34lCAqQiqYAiQ/iqfYieQ9ffuRoYzAutMrIN+pcM+a2gTX7t/CVsGQEAh90YNWC
U8HOTf3qOchlQ/XUQe5Opnl1357UyxIY2tRSdihGMyySyaTgs9MskGyhhAP9OCK5
qhdF4XCw0Q8+w3KdVMEK69P6VMrBUGmQM8742n3se+/KLfPT23obc0sSz/zAFdon
vZM4PG+I8G0pJmlzqqlsuQJoWSRXF+g37aQ9OL1O7O+B59kG2ID63rp76vWPXxUY
tNhU6igojSgujVA7fsbj
=EBi/
-----END PGP SIGNATURE-----

--m4vuSVpRUtGPq4dsV9AsonUuanMQNuUkc--


--===============7057998982539495700==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============7057998982539495700==--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung