wsD5BAABCAAjFiEEkd98mdFcnQdP7vQkuGrtzot7pOcFAmbhR1EFAwAAAAAACgkQuGrtzot7pOcy
Dwv/bu7oDoWcJnYDG/LSoZeS1HFwbbNhPTrRhrx8NR+1NyMK9OwfFhLQSGhZNvzhATf5gdmSceMH
NeiIF1onyNiLtf7W+zIGs9DjlA2SN6eOQ44Jtbah3dQUn6nYsvi8FetTd0GtnS3dkKB5abGxF5dx
QquN4csm4dU87fW+GlEKKUmsWVWka3gHSf5v6K27JEiV1con4goJURjhSpJ8HOmbW5V0EIbfv1Z6
c1SHQI+XNqpUbuZ7CaRSHFOJO+zdPUVU0vmx2vC0FgImbWtSqVAPbe1bv6pG+B48Im0ruTccI6Jb
6cibNyxTNxTrm7H0WNA0GAxrzZnIqbBwqbeuWlQM1SldmvVr2gWAtWf9IEbvS3nlsie5tjqm+ob9
ckkCusLgZz7h6TPJE4PnyQf1RonSb6EGCOJTWhx/s9tEQqAqdaAnmy6FJW+vzao02H4ipnppeQYu
iwFk3bKIMxFmbCaoN36lKgNd5EahseVVvBDJ+v7cbP3Kui8tr/Axs8Ur7wxB
=Pyjo
-----END PGP SIGNATURE-----
========================================================================== Ubuntu Security Notice USN-6998-1 September 11, 2024 unbound vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in Unbound. Software Description: - unbound: validating, recursive, caching DNS resolver Details: It was discovered that Unbound incorrectly handled string comparisons, which could lead to a NULL pointer dereference. An attacker could potentially use this issue to cause a denial of service. (CVE-2024-43167) It was discovered that Unbound incorrectly handled memory in cfg_mark_ports, which could lead to a heap buffer overflow. A local attacker could potentially use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-43168) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS libunbound8 1.19.2-1ubuntu3.2 unbound 1.19.2-1ubuntu3.2 unbound-host 1.19.2-1ubuntu3.2 Ubuntu 22.04 LTS libunbound8 1.13.1-1ubuntu5.7 unbound 1.13.1-1ubuntu5.7 unbound-host 1.13.1-1ubuntu5.7 Ubuntu 20.04 LTS libunbound8 1.9.4-2ubuntu1.8 unbound 1.9.4-2ubuntu1.8 unbound-host 1.9.4-2ubuntu1.8 Ubuntu 18.04 LTS libunbound2 1.6.7-1ubuntu2.6+esm2 Available with Ubuntu Pro unbound 1.6.7-1ubuntu2.6+esm2 Available with Ubuntu Pro unbound-host 1.6.7-1ubuntu2.6+esm2 Available with Ubuntu Pro Ubuntu 16.04 LTS libunbound2 1.5.8-1ubuntu1.1+esm1 Available with Ubuntu Pro unbound 1.5.8-1ubuntu1.1+esm1 Available with Ubuntu Pro unbound-host 1.5.8-1ubuntu1.1+esm1 Available with Ubuntu Pro Ubuntu 14.04 LTS libunbound2 1.4.22-1ubuntu4.14.04.3+esm1 Available with Ubuntu Pro unbound 1.4.22-1ubuntu4.14.04.3+esm1 Available with Ubuntu Pro unbound-host 1.4.22-1ubuntu4.14.04.3+esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6998-1 CVE-2024-43167, CVE-2024-43168 Package Information: https://launchpad.net/ubuntu/+source/unbound/1.19.2-1ubuntu3.2 https://launchpad.net/ubuntu/+source/unbound/1.13.1-1ubuntu5.7 https://launchpad.net/ubuntu/+source/unbound/1.9.4-2ubuntu1.8
No comments:
Post a Comment