The security updates of bind9, samba, evince, heimdal, apache2, catdoc and openjdk-8. Vulnerability Information DSA-3904-1 bind9 —Security Updates Security database details: Clément Berthaux from Synaktiv discovered two vulnerabilities in BIND, a DNS server implementation. They allow an attacker to bypass TSIG authentication by sending crafted DNS packets to a server. CVE-2017-3142: An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection ...Read more