USN-1139-1: Bind vulnerabilities
30 May 2011
An attacker could send crafted input to Bind and cause it to crash.
- bind9 - Internet Domain Name Server
It was discovered that Bind incorrectly handled certain bad signatures if
multiple trust anchors existed for a single zone. A remote attacker could
use this flaw to cause Bind to stop responding, resulting in a denial of
service. This issue only affected Ubuntu 8.04 LTS and 10.04 LTS.
Frank Kloeker and Michael Sinatra discovered that Bind incorrectly handled
certain very large RRSIG RRsets included in negative responses. A remote
attacker could use this flaw to cause Bind to stop responding, resulting in
a denial of service. (CVE-2011-1910)
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.