CVE-2017-3143

Priority
Medium
Description
An error in TSIG authentication can permit unauthorized dynamic updates
An attacker may be able to forge a valid TSIG or SIG(0) signature for a
dynamic update.
References
Package
Source: bind9 (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 17.10 (Artful Aardvark):released (1:9.10.3.dfsg.P4-10.1ubuntu7)
Ubuntu 12.04 ESM (Precise Pangolin):needed
Ubuntu 14.04 LTS (Trusty Tahr):released (1:9.9.5.dfsg-3ubuntu0.15)
Ubuntu Core 15.04:needed
Ubuntu 16.04 LTS (Xenial Xerus):released (1:9.10.3.dfsg.P4-8ubuntu1.7)
Ubuntu 16.10 (Yakkety Yak):released (1:9.10.3.dfsg.P4-10.1ubuntu1.7)
Ubuntu 17.04 (Zesty Zapus):released (1:9.10.3.dfsg.P4-10.1ubuntu5.1)
More Information

Updated: 2017-07-17 12:14:14 UTC (commit 12896)