USN-706-1: Bind vulnerability Post: 302274970

Sponsored Content

Special Forums Cybersecurity Security Advisories (RSS) USN-706-1: Bind vulnerability Post 302274970 by Linux Bot on Thursday 8th of January 2009 07:40:08 PM

01-08-2009

Registered User

USN-706-1: Bind vulnerability

Referenced CVEs:
CVE-2009-0025

Description:
===========================================================Ubuntu Security Notice USN-706-1 January 09, 2009bind9 vulnerabilityCVE-2009-0025===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSUbuntu 7.10Ubuntu 8.04 LTSUbuntu 8.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: libdns21 1:9.3.2-2ubuntu1.6Ubuntu 7.10: libdns32 1:9.4.1-P1-3ubuntu2.1Ubuntu 8.04 LTS: libdns35 1:9.4.2.dfsg.P2-2ubuntu0.1Ubuntu 8.10: libdns43 1:9.5.0.dfsg.P2-1ubuntu3.1In general, a standard system upgrade is sufficient to effect thenecessary changes.Details follow:It was discovered that Bind did not properly perform certificate verification.When DNSSEC with DSA certificates are in use, a remote attacker could exploitthis to bypass certificate validation to spoof DNS entries and poison DNScaches. Among other things, this could lead to misdirected email and webtraffic.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

LEARN ABOUT XFREE86

what-patch

WHAT-PATCH(1)						      General Commands Manual						     WHAT-PATCH(1)

NAME

       what-patch - detect which patch system a Debian package uses

SYNOPSIS

       what-patch [options]

DESCRIPTION

       what-patch examines the debian/rules file to determine which patch system the Debian package is using.

       what-patch should be run from the root directory of the Debian source package.

OPTIONS

       Listed below are the command line options for what-patch:

       -h, --help
	      Display a help message and exit.

       -v     Enable verbose mode.  This will include the listing of any files modified outside or the debian/ directory and report any additional
	      details about the patch system if available.

AUTHORS

       what-patch was written by Kees Cook <kees@ubuntu.com>, Siegfried-A. Gevatter <rainct@ubuntu.com>, and  Daniel  Hahler  <ubuntu@thequod.de>,
       among others.  This manual page was written by Jonathan Patrick Davies <jpds@ubuntu.com>.

       Both are released under the GNU General Public License, version 3 or later.

SEE ALSO

       The Ubuntu MOTU team has some documentation about patch systems at the Ubuntu wiki: https://wiki.ubuntu.com/PackagingGuide/PatchSystems

       cdbs-edit-patch(1), dbs-edit-patch(1), dpatch-edit-patch(1)

DEBIAN
								 Debian Utilities						     WHAT-PATCH(1)