Thursday, December 6, 2012

[USN-1657-1] Bind vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJQwJn2AAoJEGVp2FWnRL6TkeQP/iTMHIJIg4A7KXmxfZ5CpS8h
hen23gvzk1HcQUlFP51EwU34nwcs7HckMrNxtxk/Vv80fmJq5IuJ+QFHdM420Jx7
KBbUghrFnhp8Wpno0WJ22PUaG9g1uduHWsfOX5UoqiC+1+6zcrxDhbUmdU/Ihc7n
uPWb8Wo5BvAwcIz6VjRNwbbWGBoQAi2AtGaK7yHN8Am5yp+oZsZn8hOW29m/k+gk
/DB75rT7+aKuUnLv9gVL49Q9FBo1fbQRocD0BR+B13GpYq+ac70jUwMqUzgH7Mia
mLA39h5fzzRg2RjBMe76lXTNDCxlnBRmAiEQiCBZhSVvt2TfuKCTxDYJ/80W+n+Q
Nl9zALSATTa/9gDEJ5vCggxLgk3/3Cl2+CjOP8zY6ofntDoHvOtRF/7H9b0b0uAY
rftxLo7dDtCooQo1ya39hhOA3rqAIiPXeY2Pgv86D6nNUpmXXrH5oHdz8EBOgKSF
PN/25FD+jahHpnzg/uUecszHqqPIrDVH0QJZU4+E0nkieDDOzIcJNDxGVCDpoOfO
O1esFV7tpcVWLsCqpzxCPnkB6gXO/sIMd3PsUQtNRhLxFcriA33kghwbnap98YOc
f3/sbgFjzhtIej3piodGteFKWTTBn2I+6BCmvxGzwjmZMZpic1+o1Ij4I3PVLbyE
4bN/Cgo+gf0gzZgzuMiR
=qTF2
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1657-1
December 06, 2012

bind9 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS

Summary:

Bind could be made to crash if it received specially crafted network
traffic.

Software Description:
- bind9: Internet Domain Name Server

Details:

It was discovered that Bind incorrectly handled certain crafted queries
when DNS64 was enabled. A remote attacker could use this flaw to cause Bind
to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
bind9 1:9.8.1.dfsg.P1-4.2ubuntu3.1

Ubuntu 12.04 LTS:
bind9 1:9.8.1.dfsg.P1-4ubuntu0.5

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1657-1
CVE-2012-5688

Package Information:
https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.P1-4.2ubuntu3.1
https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.P1-4ubuntu0.5

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)