PublicDateAtUSN: 2017-01-11
Candidate: CVE-2016-9444
CRD: 2017-01-11
PublicDate: 2017-01-12 06:59:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9444
 https://kb.isc.org/article/AA-01441/0
 https://ubuntu.com/security/notices/USN-3172-1
Description:
 named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x
 before 9.11.0-P2 allows remote attackers to cause a denial of service
 (assertion failure and daemon exit) via a crafted DS resource record in an
 answer.
Ubuntu-Description: 
Notes: 
 mdeslaur> doesn't affect precise, introduced in 9.8.5
Bugs: 
Priority: medium
Discovered-by:
Assigned-to: mdeslaur
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]

Patches_bind9:
upstream_bind9: needs-triage
precise_bind9: not-affected (1:9.8.1.dfsg.P1-4ubuntu0.19)
precise/esm_bind9: not-affected (1:9.8.1.dfsg.P1-4ubuntu0.19)
trusty_bind9: released (1:9.9.5.dfsg-3ubuntu0.11)
trusty/esm_bind9: released (1:9.9.5.dfsg-3ubuntu0.11)
vivid/stable-phone-overlay_bind9: ignored (reached end-of-life)
vivid/ubuntu-core_bind9: ignored (reached end-of-life)
xenial_bind9: released (1:9.10.3.dfsg.P4-8ubuntu1.4)
esm-infra/xenial_bind9: released (1:9.10.3.dfsg.P4-8ubuntu1.4)
yakkety_bind9: released (1:9.10.3.dfsg.P4-10.1ubuntu1.2)
zesty_bind9: released (1:9.10.3.dfsg.P4-10.1ubuntu3)
devel_bind9: released (1:9.10.3.dfsg.P4-10.1ubuntu3)