==========================================================================
Ubuntu Security Notice USN-4399-1
June 17, 2020
bind9 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 20.04 LTS
Summary:
Bind could be made to crash if it received specially crafted network
traffic.
Software Description:
– bind9: Internet Domain Name Server
Details:
It was discovered that Bind incorrectly handled large responses during zone
transfers. A remote attacker could possibly use this issue to cause Bind to
crash, resulting in a denial of service. (CVE-2020-8618)
It was discovered that Bind incorrectly handled certain asterisk characters
in zone files. A remote attacker could possibly use this issue to cause
Bind to crash, resulting in a denial of service. (CVE-2020-8619)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS:
bind9 1:9.16.1-0ubuntu2.2
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4399-1
CVE-2020-8618, CVE-2020-8619
Package Information:
https://launchpad.net/ubuntu/+source/bind9/1:9.16.1-0ubuntu2.2
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl7qoSwACgkQZWnYVadE
vpOvPw/7BLxAiaNYFM06hzcfmJswvOGT1JWraWNr8QklETow2ma2mWa1rr1lykHs
u9MmB20Fguf3+7bjClwBS2PQSAmxZr4VJnMiSKG/Gwc9w7yFSYNX7xyFxMjarJkA
ibnbFaZiZk5bxkFZ7fXTcxfKQ/Ya4tEnEazdmBO8IdZWTTg5T5h8qSAXnGvjfKIO
y3R1genUU9XIMyeq/eb/EiaHQzbGxC7CYUQeRbMwdnrOQIybyFDF3Vns66VxM/fa
20A4bcES+s31Fs+1jyGfax3tRiDbWHG8ZtAdnThZcsNkCnruSJIsfL6GFY3/W2/d
FySLBkziJoFBvrYr9hg6zWKNgQSBX4wUx248ZhjgC+L2/GsF6L1JR9IZ51AAFPaS
JerM6cqmrx6zAdVAcetHQT2OfJMQ3c29x3waFkGXq/9NNQlLuKDjcltk+Frqkzbc
844CRs05qC/rVPCLWl8T2tIcL1+He4kgCn82cG+Rq1ZcKNv+kh325EKjV0+AzgP/
+Tc4aPNFv3KZUjRIEsYJs7avmyJT2IFa+1f1Bq4l8UuuhMs7o4wl0S4JvY6eFzRY
sPjlDbZr7TA0dVT7TShJYq24zVPCETN93WMLudOcIUa23zb37Js3v7/GR8kFG4VO
WDbO1Trqiqkxmb0xA3XHTohpwe394vG/e6PbPVcSzc5jYnBa1Yg=
=mgh2
—–END PGP SIGNATURE—–
—