Sigurnosni nedostatak programskog paketa bind9

Preporuke

by - 25. kolovoza 2020.0

Detalji os-a: WN7
Važnost: IMP
Operativni sustavi: L
Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4468-2
August 24, 2020

bind9 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 ESM
– Ubuntu 12.04 ESM

Summary:

Bind could be made to crash if it received a specially crafted
request.

Software Description:
– bind9: Internet Domain Name Server

Details:

USN-4468-1 fixed a vulnerability in Bind. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

Dave Feldman, Jeff Warren, and Joel Cunningham discovered that Bind
incorrectly handled certain truncated responses to a TSIG-signed request. A
remote attacker could possibly use this issue to cause Bind to crash,
resulting in a denial of service. (CVE-2020-8622)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
bind9 1:9.9.5.dfsg-3ubuntu0.19+esm3

Ubuntu 12.04 ESM:
bind9 1:9.8.1.dfsg.P1-4ubuntu0.31

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4468-2
https://usn.ubuntu.com/4468-1
CVE-2020-8622
—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl9DvaYACgkQRbznW4QL
H2m4KxAAox+NGPU3jN3+Oyxjc0XH5BzCouszU8i2p1tRj6mZ0dV82jpeFIy8X8pq
HWUw2TSLOQGRMS6VmmT79Sj9Cw1haZXA30TV3vhoc7jGITRXIbXvabinC2CXa7/E
UZI39mDljl7ltd+v0DFoe+zT1BRdktE4UcyEFQYjVt8WJTRqZCEOMbrBK1KJ9XFQ
68xW4oNuIPtxZfL/hSCTS3EsOwoUD7bw+Cv0/ejyRe5yUdOmjhKrw56YSSaTn6zj
ROkDlzqHH1pJMDe9gwxiyhYVQJZ35tCdq598NxKjQoF3TgWMxEoE0WrJVMBjAXp3
BiX0u4G6dqSJ/a13xLD6+K6g7+Y+S/xbdzEu2X3BhK4BtEEZbHgCL3FHUTNHVISl
KjOpmSUl4YecxGTsK9fBxz8X+L3+kvNNWTtSblKr6/DN0CqXUI1y1Ie6fcRxTxIF
iCbiMr4c1WQSZbVquZzEfu1KFTxrQUerP4taGCl/S0C4WperW00maQreP9KXfqi7
ltDhOd5o289rzv4tzhckU5CSlQFx9waMkz68767YthM4N9v+3S9uQ34cP0cRf3N6
j1MgD8eP7vNW5OARYiBo/cwMFS2URqNjyFVaggbKy7/fdBVZuo9PO9rD7+FTHw3D
9uMaVEwMRWuW+DeQzSiIBCiUdBAx1jOpDRcYI+L7RBJuhoGZWSg=
=23Wa
—–END PGP SIGNATURE—–
—

Autor	Filip Omazic
Cert id	NCERT-REF-2020-08-0001-ADV
Cve	CERT-CVE-DUMMY
ID izvornika	CERT-ORIGID-DUMMY
Proizvod	CERT-DUMMY-PRODUCT
Izvor	Adobe

Sigurnosni nedostatak programskog paketa bind9

Archives

More in Preporuke

Sigurnosni nedostaci programskog paketa net-snmp