Alerts This Week
Warning Icon 1 687
Alerts This Week
Warning Icon 1 687

Critical Unbound DNS Issue USN-3673-1 for Ubuntu 18.04 LTS Release

Calendar Jun 07, 2018 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory critical update instructions ubuntu dns issue security notice unbound
A security issue was fixed in Unbound. 
=========================================================================Ubuntu Security Notice USN-3673-1
June 07, 2018

unbound vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 17.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

A security issue was fixed in Unbound.

Software Description:
- unbound: validating, recursive, caching DNS resolver

Details:

Ralph Dolmans and Karst Koymans discovered that Unbound did not properly
handle certain NSEC records. An attacker could use this to to prove the
non-existence (NXDOMAIN answer) of an existing wildcard record, or trick
Unbound into accepting a NODATA proof.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  libunbound2                     1.6.7-1ubuntu2.1
  unbound                         1.6.7-1ubuntu2.1

Ubuntu 17.10:
  libunbound2                     1.6.5-1ubuntu0.2
  unbound                         1.6.5-1ubuntu0.2

Ubuntu 16.04 LTS:
  libunbound2                     1.5.8-1ubuntu1.1
  unbound                         1.5.8-1ubuntu1.1

Ubuntu 14.04 LTS:
  libunbound2                     1.4.22-1ubuntu4.14.04.3
  unbound                         1.4.22-1ubuntu4.14.04.3

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-3673-1
  CVE-2017-15105

Package Information:
  https://launchpad.net/ubuntu/+source/unbound/1.6.7-1ubuntu2.1
  https://launchpad.net/ubuntu/+source/unbound/1.6.5-1ubuntu0.2
  https://launchpad.net/ubuntu/+source/unbound/1.5.8-1ubuntu1.1
  https://launchpad.net/ubuntu/+source/unbound/1.4.22-1ubuntu4.14.04.3

Critical Unbound DNS Issue USN-3673-1 for Ubuntu 18.04 LTS Release

ubuntu
Calendar Grey June 7, 2018
Dist Ubuntu Esm H88
An important vulnerability in the Unbound DNS resolver has been identified, necessitating updates based on Ubuntu Security Notice USN-3674-2.
A security issue was fixed in Unbound.

Summary

Topics%20covered

Topics Covered

security advisory critical update instructions ubuntu dns issue security notice unbound

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: libunbound2 1.6.7-1ubuntu2.1 unbound 1.6.7-1ubuntu2.1 Ubuntu 17.10: libunbound2 1.6.5-1ubuntu0.2 unbound 1.6.5-1ubuntu0.2 Ubuntu 16.04 LTS: libunbound2 1.5.8-1ubuntu1.1 unbound 1.5.8-1ubuntu1.1 Ubuntu 14.04 LTS: libunbound2 1.4.22-1ubuntu4.14.04.3 unbound 1.4.22-1ubuntu4.14.04.3 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3673-1

CVE-2017-15105

Severity
critical
Lowest
Low
Medium
High
Critical

June 07, 2018

Topics%20covered

Topics Covered

security advisory critical update instructions ubuntu dns issue security notice unbound

Package Information

https://launchpad.net/ubuntu/+source/unbound/1.6.7-1ubuntu2.1 https://launchpad.net/ubuntu/+source/unbound/1.6.5-1ubuntu0.2 https://launchpad.net/ubuntu/+source/unbound/1.5.8-1ubuntu1.1 https://launchpad.net/ubuntu/+source/unbound/1.4.22-1ubuntu4.14.04.3

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here