USN-4737-2: Bind vulnerability
01 March 2021
Bind could be made to crash or run programs if it received specially crafted network traffic.
- bind9 - Internet Domain Name Server
USN-4737-1 fixed a vulnerability in Bind. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that Bind incorrectly handled GSSAPI security policy
negotiation. A remote attacker could use this issue to cause Bind to crash,
resulting in a denial of service, or possibly execute arbitrary code. In
the default installation, attackers would be isolated by the Bind AppArmor
- USN-4737-1: bind9