====================================================================

                             CERT-Renater

                 Note d'Information No. 2018/VULN064
_____________________________________________________________________

DATE                : 20/02/2018

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Ubuntu versions 12.04 LTS running Bind version 9.

=====================================================================
https://usn.ubuntu.com/usn/usn-3574-1/
_____________________________________________________________________


USN-3574-1: Bind vulnerability
Ubuntu Security Notice USN-3574-1

19th February, 2018
bind9 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

    Ubuntu 12.04 LTS


Summary

Bind could be made to crash if it received specially crafted network
traffic.

Software description

    bind9 - Internet Domain Name Server


Details

It was discovered that Bind incorrectly handled DNSSEC
validation. An attacker could possibly use this to cause a denial
of service.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:
    bind9 1:9.8.1.dfsg.P1-4ubuntu0.25

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.


References

CVE-2018-5735


==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================