Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

Ubuntu 20.04 ESM: USN-5765-1 High: OpenSSL Security Update

Calendar Nov 29, 2022 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service bind ubuntu resource consumption
Several security issues were fixed in Bind. 
=========================================================================Ubuntu Security Notice USN-5747-1
November 29, 2022

bind9 vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

Several security issues were fixed in Bind.

Software Description:
- bind9: Internet Domain Name Server

Details:

It was discovered that Bind incorrectly handled large query name when using
lightweight resolver protocol. A remote attacker could use this issue to
consume resources, leading to a denial of service. (CVE-2016-2775)

It was discovered that Bind incorrectly handled large zone data size
received via AXFR response. A remote authenticated attacker could use this
issue to consume resources, leading to a denial of service. This issue only
affected Ubuntu 16.04 LTS. (CVE-2016-6170)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
  bind9                           1:9.10.3.dfsg.P4-8ubuntu1.19+esm5
  lwresd                          1:9.10.3.dfsg.P4-8ubuntu1.19+esm5

Ubuntu 14.04 ESM:
  bind9                           1:9.9.5.dfsg-3ubuntu0.19+esm9
  lwresd                          1:9.9.5.dfsg-3ubuntu0.19+esm9

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5747-1
  CVE-2016-2775, CVE-2016-6170

Ubuntu 20.04 ESM: USN-5765-1 High: OpenSSL Security Update

ubuntu
Calendar Grey November 29, 2022
Dist Ubuntu Esm H88
Multiple vulnerabilities in Bind addressed in Ubuntu 16.04 and 14.04, with potential denial of service threats outlined in security notification USN-5748-1.
Several security issues were fixed in Bind.

Summary

Topics%20covered

Topics Covered

security advisory denial of service bind ubuntu resource consumption

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: bind9 1:9.10.3.dfsg.P4-8ubuntu1.19+esm5 lwresd 1:9.10.3.dfsg.P4-8ubuntu1.19+esm5 Ubuntu 14.04 ESM: bind9 1:9.9.5.dfsg-3ubuntu0.19+esm9 lwresd 1:9.9.5.dfsg-3ubuntu0.19+esm9 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5747-1

CVE-2016-2775, CVE-2016-6170

November 29, 2022

Topics%20covered

Topics Covered

security advisory denial of service bind ubuntu resource consumption

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here