==========================================================================
Ubuntu Security Notice USN-3535-2
January 17, 2018

bind9 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 12.04 ESM

Summary:

Bind could be made to crash if it received specially crafted network
traffic.

Software Description:
– bind9: Internet Domain Name Server

Details:

USN-3535-1 fixed a vulnerability in Bind. This update provides
the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 Jayachandran Palanisamy discovered that the Bind resolver incorrectly
 handled fetch cleanup sequencing. A remote attacker could possibly use
 this issue to cause Bind to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  bind9                           1:9.8.1.dfsg.P1-4ubuntu0.24

In general, a standard system update will make all the necessary
changes.

References:
  https://www.ubuntu.com/usn/usn-3535-2
  https://www.ubuntu.com/usn/usn-3535-1
  CVE-2017-3145
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJaX2tqAAoJEEW851uECx9pW6QP/i1PnPS0Wb2FHfdZqSs9ngAG
cvClA7ky5aUbeLuFPqQ1DQTvPuIlEv7/tmH9atPYHa7Bj/XPIkEYokZsjppASY9U
2q5TxMIRbFIbedKYL5moPLTf/jsSB2LWTjvFQL196E8VPF9NiCPRf39/SHzOJAAk
V0Z1CPS4ZEArG8nkZEYg4tymXQEu/j4WNzMHFJBxrKhrCl4tWGuMK1WQrkWnijvi
9RWvEIqxX9nM1c6bu9YE1s5cmfTMxbQoByVZlP8RPR0ZQUEc0tyGpmcrnYz5XwU6
Ov7ER8tp/c0dC/wq/qFwo/cq4MPfNnHtZTShHqsajf6quLge+2m8tkQkILDxDul7
+oYlH4cznsqPM/LohW2fKFAzW0pgSdHfjg6mZh/UX4h1lYw8tt1Pmb/v+VxnXVFn
IvQhG+ZZwHMynPqXVaeIWxbrWIjgEr6EJ3qxQEVhhWcYIpLi5io8GgynY/gzSDMb
fiaQm/1Br8LUZp84IlqwlUSKPo2R3kzLBkvEJR6RsfI0TU4hnSG399mfGASQqyvv
RazBt8Z9z2l8i5ZKoypP+lviBiqPZ7VUFb4ZoLAe0ojsUdJuakKV0gOECK3Wst+f
Dq5ZRrIs6XTNP6bBOSrRY2IddOpUBZ56G8UVt6yb9uReE02fjVlYZhwGAjZ2Ykfx
De/6Esj0cBzBdCaTCza1
=9QT/
—–END PGP SIGNATURE—–
—