Ubuntu security notices
USN-3259-1: Bind vulnerabilities
USN-3259-1: Bind vulnerabilities Ubuntu Security Notice USN-3259-1 17th April, 2017 bind9 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in Bind. Software description bind9 – Internet Domain Name Server Details It was discovered that the resolver in Bind made incorrectassumptions about ordering when processing responses containinga CNAME or DNAME. An attacker could use this cause a denial ofservice. (CVE-2017-3137) Oleg Gorokhov discovered that in some situations, Bind did not properlyhandle DNS64 queries. An attacker could use this to cause a denialof service. (CVE-2017-3136) Mike Lalumiere discovered that in some situations, Bind didnot properly handle invalid operations requested via its controlchannel. An attacker with access to the control channel could causea denial of service. (CVE-2017-3138) Update instructions The [ more… ]