==========================================================================
Ubuntu Security Notice USN-2837-1
December 15, 2015
bind9 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 15.10
– Ubuntu 15.04
– Ubuntu 14.04 LTS
– Ubuntu 12.04 LTS
Summary:
Bind could be made to crash if it received specially crafted network
traffic.
Software Description:
– bind9: Internet Domain Name Server
Details:
It was discovered that Bind incorrectly handled responses with malformed
class attributes. A remote attacker could use this issue to cause Bind to
crash, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 15.10:
bind9 1:9.9.5.dfsg-11ubuntu1.1
Ubuntu 15.04:
bind9 1:9.9.5.dfsg-9ubuntu0.4
Ubuntu 14.04 LTS:
bind9 1:9.9.5.dfsg-3ubuntu0.6
Ubuntu 12.04 LTS:
bind9 1:9.8.1.dfsg.P1-4ubuntu0.14
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2837-1
CVE-2015-8000
Package Information:
https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-11ubuntu1.1
https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-9ubuntu0.4
https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-3ubuntu0.6
https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.P1-4ubuntu0.14
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAEBCgAGBQJWcIjPAAoJEGVp2FWnRL6TcxsP/Rg2emNZwGynU7sMICX+H53h
7lZjRDyJrzlGGOobAg4R+VakJyx+WqXfBwyFmg1MjCn85UZxuC8e8TC1yoXJ2nC8
ZOE2nEImG8rqXwRyJcbY2RQ1cVQwwQbRuPvpODt7lgZ8zV2Ph+qEv+B/1uvakZGU
rHkBnSkAHCwO66XDTykFcSKMkwf6gxkxEt+jl6S/Kuc+P9voMDViSbEi6j5LeurD
Zixl0STNNIa0KlbAil2T280FPnNqfv6VfybuylZyU93wXiaqQMGdzXG0Av6Oz7ly
kuttKLVGwqMyNrqItOJmItK5bPKW5gvcbPbgb5EkmnPy0EqRSJ7mdEfS44VbOfdy
CEaadW5CDzFCV+knuLpeNjnOgXXcjDWMm3GeIGzUXHHtlqlEpBi2CrvhchUJ436+
BvGmdcbdn6g4V5Diri/n/afpompaTck5cNtsQyK08hS5kST3iWKpuZMIEBAmJ1WD
ccCahjYy7aytdhGvgQ7Y1BswcWI2uLXG5mwH6g8iOlw54a4DYqikVCQ0v0WQo5Y5
mVsMbSMK+IW0XOnrzLfdoRG+JCeusqCu7MiCzOkxIeIIl+Vst6P91d13TNrldZjX
m7LUdaeebvIcIaq22K88H8rcWkuwvm8yOtd54nryzZOgD87AM7Ujuixfx3jF+CBz
SdyPqAvaUvR0NN0zAjlo
=Vb5P
—–END PGP SIGNATURE—–
—