==========================================================================
Ubuntu Security Notice USN-3491-1
November 22, 2017
ldns vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 17.10
- Ubuntu 17.04
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in ldns.

Software Description:
- ldns: ldns library for DNS programming

Details:

Leon Weber discovered that the ldns-keygen tool incorrectly set permissions
on private keys. A local attacker could possibly use this issue to obtain
generated private keys. This issue only applied to Ubuntu 14.04 LTS.
(CVE-2014-3209)

Stephan Zeisberg discovered that ldns incorrectly handled memory when
processing data. A remote attacker could use this issue to cause ldns to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2017-1000231, CVE-2017-1000232)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.10:
  libldns2 1.7.0-1ubuntu1.17.10.1

Ubuntu 17.04:
  libldns2 1.7.0-1ubuntu1.17.04.1

Ubuntu 16.04 LTS:
  libldns1 1.6.17-8ubuntu0.1

Ubuntu 14.04 LTS:
  libldns1 1.6.17-1ubuntu0.1

In general, a standard system update will make all the necessary changes.
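
The fix for CVE-2014-3209 applies to keys ldns-keygen writes after the update; key files written earlier keep the mode they were created with. The script below is an added example, not part of the Ubuntu notice or the ldns project: it lists ldns-keygen private keys that group or other can access, assuming the tool's K<name>+<alg>+<id>.private file naming. The function names and the FIX variable are hypothetical.

```shell
#!/bin/sh
# Added example: audit ldns-keygen private key files for loose permissions.
# Assumption: keys use ldns-keygen's K<name>+<alg>+<id>.private naming.

# Print every K*.private file under the given directories that grants any
# permission bit to group or other. Uses only POSIX find primaries.
find_exposed_keys() {
    for dir in "$@"; do
        [ -d "$dir" ] || { echo "skip: $dir is not a directory" >&2; continue; }
        find "$dir" -type f -name 'K*.private' \
            \( -perm -040 -o -perm -020 -o -perm -010 \
               -o -perm -004 -o -perm -002 -o -perm -001 \) -print
    done
}

# Report exposed keys; with FIX=1 also restrict them to owner read/write.
# Returns 0 when nothing is exposed (or everything was fixed), 1 when
# exposed keys remain, 2 when the scan itself failed.
audit_ldns_keys() {
    status=0
    list=$(find_exposed_keys "$@") || return 2
    [ -n "$list" ] || return 0
    # Read line by line so paths containing spaces survive.
    while IFS= read -r key; do
        ls -ld -- "$key"
        if [ "${FIX:-0}" = 1 ] && chmod 600 -- "$key"; then
            echo "fixed: $key"
        else
            status=1
        fi
    done <<EOF
$list
EOF
    return $status
}
```

Source the file and run `audit_ldns_keys DIR...` over the directories where keys were generated, adding `FIX=1` to tighten the modes. A key that other local users could read may already have been copied, which tightening the mode does not undo.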

References:
  https://www.ubuntu.com/usn/usn-3491-1
  CVE-2014-3209, CVE-2017-1000231, CVE-2017-1000232

Package Information:
  https://launchpad.net/ubuntu/+source/ldns/1.7.0-1ubuntu1.17.10.1
  https://launchpad.net/ubuntu/+source/ldns/1.7.0-1ubuntu1.17.04.1
  https://launchpad.net/ubuntu/+source/ldns/1.6.17-8ubuntu0.1
  https://launchpad.net/ubuntu/+source/ldns/1.6.17-1ubuntu0.1