You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa bind9

Sigurnosni nedostaci programskog paketa bind9

by - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4399-1
June 17, 2020

bind9 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 20.04 LTS

Summary:

Bind could be made to crash if it received specially crafted network
traffic.

Software Description:
– bind9: Internet Domain Name Server

Details:

It was discovered that Bind incorrectly handled large responses during zone
transfers. A remote attacker could possibly use this issue to cause Bind to
crash, resulting in a denial of service. (CVE-2020-8618)

It was discovered that Bind incorrectly handled certain asterisk characters
in zone files. A remote attacker could possibly use this issue to cause
Bind to crash, resulting in a denial of service. (CVE-2020-8619)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
bind9 1:9.16.1-0ubuntu2.2

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4399-1
CVE-2020-8618, CVE-2020-8619

Package Information:
https://launchpad.net/ubuntu/+source/bind9/1:9.16.1-0ubuntu2.2

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl7qoSwACgkQZWnYVadE
vpOvPw/7BLxAiaNYFM06hzcfmJswvOGT1JWraWNr8QklETow2ma2mWa1rr1lykHs
u9MmB20Fguf3+7bjClwBS2PQSAmxZr4VJnMiSKG/Gwc9w7yFSYNX7xyFxMjarJkA
ibnbFaZiZk5bxkFZ7fXTcxfKQ/Ya4tEnEazdmBO8IdZWTTg5T5h8qSAXnGvjfKIO
y3R1genUU9XIMyeq/eb/EiaHQzbGxC7CYUQeRbMwdnrOQIybyFDF3Vns66VxM/fa
20A4bcES+s31Fs+1jyGfax3tRiDbWHG8ZtAdnThZcsNkCnruSJIsfL6GFY3/W2/d
FySLBkziJoFBvrYr9hg6zWKNgQSBX4wUx248ZhjgC+L2/GsF6L1JR9IZ51AAFPaS
JerM6cqmrx6zAdVAcetHQT2OfJMQ3c29x3waFkGXq/9NNQlLuKDjcltk+Frqkzbc
844CRs05qC/rVPCLWl8T2tIcL1+He4kgCn82cG+Rq1ZcKNv+kh325EKjV0+AzgP/
+Tc4aPNFv3KZUjRIEsYJs7avmyJT2IFa+1f1Bq4l8UuuhMs7o4wl0S4JvY6eFzRY
sPjlDbZr7TA0dVT7TShJYq24zVPCETN93WMLudOcIUa23zb37Js3v7/GR8kFG4VO
WDbO1Trqiqkxmb0xA3XHTohpwe394vG/e6PbPVcSzc5jYnBa1Yg=
=mgh2
—–END PGP SIGNATURE—–

AutorGoran Culibrk
Cert idNCERT-REF-2020-06-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak jezgre operacijskog sustava

Otkriven je sigurnosni nedostatak u jezgri operacijskog sustava Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje otkrivanje osjetljivih informacija. Savjetuje se ažuriranje...

Close