USN-2925-1: Bind vulnerabilities
USN-2925-1: Bind vulnerabilities Ubuntu Security Notice USN-2925-1 9th March, 2016 bind9 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Bind could be made to crash if it received specially crafted network traffic. Software description bind9 – Internet Domain Name Server Details It was discovered that Bind incorrectly handled input received by the rndccontrol channel. A remote attacker could possibly use this issue to causeBind to crash, resulting in a denial of service. (CVE-2016-1285) It was discovered that Bind incorrectly parsed resource record signaturesfor DNAME resource records. A remote attacker could possibly use this issueto cause Bind to crash, resulting in a denial of service. (CVE-2016-1286) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.10: bind9 1:9.9.5.dfsg-11ubuntu1.3 Ubuntu 14.04 [ more… ]