Ubuntu 3893-2: Bind vulnerabilities

    Date25 Feb 2019
    Posted ByLinuxSecurity Advisories
    Several security issues were fixed in Bind.
    Ubuntu Security Notice USN-3893-2
    February 25, 2019
    bind9 vulnerabilities
    A security issue affects these releases of Ubuntu and its derivatives:
    - Ubuntu 12.04 ESM
    Several security issues were fixed in Bind.
    Software Description:
    - bind9: Internet Domain Name Server
    USN-3893-1 fixed a vulnerability in Bind. This update provides
    the corresponding update for Ubuntu 12.04 ESM.
    Original advisory details:
     It was discovered that Bind incorrectly handled certain trust anchors
     when used with the "managed-keys" feature. A remote attacker could
     possibly use this issue to cause Bind to crash, resulting in a denial
     of service. (CVE-2018-5745)
     It was discovered that Bind incorrectly handled certain controls for
     zone transfers, contrary to expectations. (CVE-2019-6465)
    Update instructions:
    The problem can be corrected by updating your system to the following
    package versions:
    Ubuntu 12.04 ESM:
      bind9                           1:9.8.1.dfsg.P1-4ubuntu0.27
    In general, a standard system update will make all the necessary
      CVE-2018-5745, CVE-2019-6465
    You are not authorised to post comments.

    LinuxSecurity Poll

    Has your email account ever been pwned in a data breach?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.