Ubuntu alert USN-5126-1 (bind9)
| From: | Marc Deslauriers <marc.deslauriers@canonical.com> | |
| To: | "ubuntu-security-announce@lists.ubuntu.com" <ubuntu-security-announce@lists.ubuntu.com> | |
| Subject: | [USN-5126-1] Bind vulnerability | |
| Date: | Thu, 28 Oct 2021 12:36:37 -0400 | |
| Message-ID: | <a8d4b8ce-7256-b21a-2def-268116ab9b2f@canonical.com> |
========================================================================== Ubuntu Security Notice USN-5126-1 October 28, 2021 bind9 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 21.10 - Ubuntu 21.04 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Bind could be made to consume resources if it received specially crafted network traffic. Software Description: - bind9: Internet Domain Name Server Details: Kishore Kumar Kothapalli discovered that Bind incorrectly handled the lame cache when processing responses. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 21.10: bind9 1:9.16.15-1ubuntu1.1 Ubuntu 21.04: bind9 1:9.16.8-1ubuntu3.2 Ubuntu 20.04 LTS: bind9 1:9.16.1-0ubuntu2.9 Ubuntu 18.04 LTS: bind9 1:9.11.3+dfsg-1ubuntu1.16 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5126-1 CVE-2021-25219 Package Information: https://launchpad.net/ubuntu/+source/bind9/1:9.16.15-1ubu... https://launchpad.net/ubuntu/+source/bind9/1:9.16.8-1ubun... https://launchpad.net/ubuntu/+source/bind9/1:9.16.1-0ubun... https://launchpad.net/ubuntu/+source/bind9/1:9.11.3+dfsg-... -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security...