Article Source SUSE Linux Security Announcements
The bind DNS server was updated to close a possible cache poisoning vulnerability which allowed to bypass DNSSEC. This problem can only happen after the other spoofing/poisoning mechanisms have been bypassed already (the port and transaction id randomization). Also this can only happen if the server is setup for 
DNSSEC. Due to this limitation we consider this a minor issue…
