UBUNTU-CVE-2019-6465

See a problem?

Source

https://ubuntu.com/security/notices/UBUNTU-CVE-2019-6465

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-6465.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2019-6465

Related

Published

2019-02-21T00:00:00Z

Modified

2019-02-21T00:00:00Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465.

References

Affected packages

Ubuntu:14.04:LTS / bind9

Package

Name: bind9
Purl: pkg:deb/ubuntu/bind9@1:9.9.5.dfsg-3ubuntu0.19?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:9.9.5.dfsg-3ubuntu0.19

Affected versions

1:9.*

1:9.9.3.dfsg.P2-4ubuntu1

1:9.9.3.dfsg.P2-4ubuntu2

1:9.9.3.dfsg.P2-4ubuntu3

1:9.9.5.dfsg-2

1:9.9.5.dfsg-3

1:9.9.5.dfsg-3ubuntu0.1

1:9.9.5.dfsg-3ubuntu0.2

1:9.9.5.dfsg-3ubuntu0.3

1:9.9.5.dfsg-3ubuntu0.4

1:9.9.5.dfsg-3ubuntu0.5

1:9.9.5.dfsg-3ubuntu0.6

1:9.9.5.dfsg-3ubuntu0.7

1:9.9.5.dfsg-3ubuntu0.8

1:9.9.5.dfsg-3ubuntu0.9

1:9.9.5.dfsg-3ubuntu0.10

1:9.9.5.dfsg-3ubuntu0.11

1:9.9.5.dfsg-3ubuntu0.12

1:9.9.5.dfsg-3ubuntu0.13

1:9.9.5.dfsg-3ubuntu0.14

1:9.9.5.dfsg-3ubuntu0.15

1:9.9.5.dfsg-3ubuntu0.16

1:9.9.5.dfsg-3ubuntu0.17

1:9.9.5.dfsg-3ubuntu0.18

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "lwresd": "1:9.9.5.dfsg-3ubuntu0.19",
            "bind9utils": "1:9.9.5.dfsg-3ubuntu0.19",
            "bind9": "1:9.9.5.dfsg-3ubuntu0.19",
            "libbind-dev": "1:9.9.5.dfsg-3ubuntu0.19",
            "host": "1:9.9.5.dfsg-3ubuntu0.19",
            "bind9-doc": "1:9.9.5.dfsg-3ubuntu0.19",
            "liblwres90": "1:9.9.5.dfsg-3ubuntu0.19",
            "libisccfg90": "1:9.9.5.dfsg-3ubuntu0.19",
            "libisccc90": "1:9.9.5.dfsg-3ubuntu0.19",
            "libdns100": "1:9.9.5.dfsg-3ubuntu0.19",
            "libbind9-90": "1:9.9.5.dfsg-3ubuntu0.19",
            "bind9-host": "1:9.9.5.dfsg-3ubuntu0.19",
            "libisc95": "1:9.9.5.dfsg-3ubuntu0.19",
            "dnsutils": "1:9.9.5.dfsg-3ubuntu0.19"
        }
    ]
}

Ubuntu:16.04:LTS / bind9

Package

Name: bind9
Purl: pkg:deb/ubuntu/bind9@1:9.10.3.dfsg.P4-8ubuntu1.12?arch=src?distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:9.10.3.dfsg.P4-8ubuntu1.12

Affected versions

1:9.*

1:9.9.5.dfsg-11ubuntu1

1:9.9.5.dfsg-12

1:9.9.5.dfsg-12.1

1:9.9.5.dfsg-12.1ubuntu1

1:9.10.3.dfsg.P2-4

1:9.10.3.dfsg.P2-5

1:9.10.3.dfsg.P4-3

1:9.10.3.dfsg.P4-4

1:9.10.3.dfsg.P4-5

1:9.10.3.dfsg.P4-8

1:9.10.3.dfsg.P4-8ubuntu1

1:9.10.3.dfsg.P4-8ubuntu1.1

1:9.10.3.dfsg.P4-8ubuntu1.2

1:9.10.3.dfsg.P4-8ubuntu1.3

1:9.10.3.dfsg.P4-8ubuntu1.4

1:9.10.3.dfsg.P4-8ubuntu1.5

1:9.10.3.dfsg.P4-8ubuntu1.6

1:9.10.3.dfsg.P4-8ubuntu1.7

1:9.10.3.dfsg.P4-8ubuntu1.8

1:9.10.3.dfsg.P4-8ubuntu1.9

1:9.10.3.dfsg.P4-8ubuntu1.10

1:9.10.3.dfsg.P4-8ubuntu1.11

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "bind9-host-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "lwresd": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisc-export160-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisccc-export140-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libdns162": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "bind9utils": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisccc-export140-udeb-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libirs-export141-udeb-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "bind9-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisc-export160-udeb-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libbind9-140": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libdns162-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisc-export160": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "bind9utils-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisccfg-export140-udeb": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "dnsutils": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisccfg140": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libirs-export141": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libdns-export162": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "liblwres141-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "dnsutils-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libbind-export-dev": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libdns-export162-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisccfg140-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisccfg-export140-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "liblwres141": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisc160-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisccc-export140": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libirs-export141-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libbind9-140-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libdns-export162-udeb": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libirs-export141-udeb": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisccc140-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "lwresd-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "bind9": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisc160": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libbind-dev": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "host": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisccfg-export140": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisc-export160-udeb": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "bind9-doc": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisccc140": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libirs141": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisccc-export140-udeb": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libirs141-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libdns-export162-udeb-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "bind9-host": "1:9.10.3.dfsg.P4-8ubuntu1.12",
            "libisccfg-export140-udeb-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.12"
        }
    ]
}

Ubuntu:18.04:LTS / bind9

Package

Name: bind9
Purl: pkg:deb/ubuntu/bind9@1:9.11.3+dfsg-1ubuntu1.5?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:9.11.3+dfsg-1ubuntu1.5

Affected versions

1:9.*

1:9.10.3.dfsg.P4-12.6ubuntu1

1:9.11.2.P1-1ubuntu2

1:9.11.2.P1-1ubuntu3

1:9.11.2.P1-1ubuntu4

1:9.11.2.P1-1ubuntu5

1:9.11.3+dfsg-1ubuntu1

1:9.11.3+dfsg-1ubuntu1.1

1:9.11.3+dfsg-1ubuntu1.2

1:9.11.3+dfsg-1ubuntu1.3

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "bind9-host-dbgsym": "1:9.11.3+dfsg-1ubuntu1.5",
            "libbind9-160-dbgsym": "1:9.11.3+dfsg-1ubuntu1.5",
            "libisccfg160-dbgsym": "1:9.11.3+dfsg-1ubuntu1.5",
            "libisc-export169-dbgsym": "1:9.11.3+dfsg-1ubuntu1.5",
            "libdns1100-dbgsym": "1:9.11.3+dfsg-1ubuntu1.5",
            "bind9utils": "1:9.11.3+dfsg-1ubuntu1.5",
            "libdns-export1100": "1:9.11.3+dfsg-1ubuntu1.5",
            "bind9-dbgsym": "1:9.11.3+dfsg-1ubuntu1.5",
            "libisccc-export160": "1:9.11.3+dfsg-1ubuntu1.5",
            "libisccfg-export160": "1:9.11.3+dfsg-1ubuntu1.5",
            "liblwres160": "1:9.11.3+dfsg-1ubuntu1.5",
            "libirs-export160": "1:9.11.3+dfsg-1ubuntu1.5",
            "bind9utils-dbgsym": "1:9.11.3+dfsg-1ubuntu1.5",
            "libisccc-export160-dbgsym": "1:9.11.3+dfsg-1ubuntu1.5",
            "libirs160": "1:9.11.3+dfsg-1ubuntu1.5",
            "libisccfg-export160-udeb": "1:9.11.3+dfsg-1ubuntu1.5",
            "libisc-export169": "1:9.11.3+dfsg-1ubuntu1.5",
            "libisc169-dbgsym": "1:9.11.3+dfsg-1ubuntu1.5",
            "dnsutils-dbgsym": "1:9.11.3+dfsg-1ubuntu1.5",
            "libbind-export-dev": "1:9.11.3+dfsg-1ubuntu1.5",
            "libdns1100": "1:9.11.3+dfsg-1ubuntu1.5",
            "libisccc160": "1:9.11.3+dfsg-1ubuntu1.5",
            "libdns-export1100-dbgsym": "1:9.11.3+dfsg-1ubuntu1.5",
            "libdns-export1100-udeb": "1:9.11.3+dfsg-1ubuntu1.5",
            "liblwres160-dbgsym": "1:9.11.3+dfsg-1ubuntu1.5",
            "libirs-export160-udeb": "1:9.11.3+dfsg-1ubuntu1.5",
            "bind9": "1:9.11.3+dfsg-1ubuntu1.5",
            "libisc169": "1:9.11.3+dfsg-1ubuntu1.5",
            "libbind-dev": "1:9.11.3+dfsg-1ubuntu1.5",
            "libirs-export160-dbgsym": "1:9.11.3+dfsg-1ubuntu1.5",
            "libisccc-export160-udeb": "1:9.11.3+dfsg-1ubuntu1.5",
            "libisc-export169-udeb": "1:9.11.3+dfsg-1ubuntu1.5",
            "bind9-doc": "1:9.11.3+dfsg-1ubuntu1.5",
            "libirs160-dbgsym": "1:9.11.3+dfsg-1ubuntu1.5",
            "libisccfg160": "1:9.11.3+dfsg-1ubuntu1.5",
            "libbind9-160": "1:9.11.3+dfsg-1ubuntu1.5",
            "libisccc160-dbgsym": "1:9.11.3+dfsg-1ubuntu1.5",
            "bind9-host": "1:9.11.3+dfsg-1ubuntu1.5",
            "libisccfg-export160-dbgsym": "1:9.11.3+dfsg-1ubuntu1.5",
            "dnsutils": "1:9.11.3+dfsg-1ubuntu1.5"
        }
    ]
}