USN-343-1: bind9 vulnerabilities

8 September 2006

bind9 vulnerabilities

Releases

Ubuntu 6.06
Ubuntu 5.10
Ubuntu 5.04

Details

bind did not sufficiently verify particular requests and responses
from other name servers and users. By sending a specially crafted
packet, a remote attacker could exploit this to crash the name server.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 6.06

bind9 - 1:9.3.2-2ubuntu1.1

Ubuntu 5.10

bind9 - 1:9.3.1-2ubuntu1.1

Ubuntu 5.04

bind9 - 1:9.2.4-1ubuntu1.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

References

CVE-2006-4096
CVE-2006-4095

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›