SuSE Security Advisory SUSE-SA:2009:005 (bind)

Summary
The remote host is missing updates announced in advisory SUSE-SA:2009:005.
Solution
Update your system with the packages as indicated in the referenced security advisory. https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:005
Insight
The DNS daemon bind is used to resolve and lookup addresses on the internet. Some month ago a vulnerability in the DNS protocol and its numbers was published that allowed easy spoofing of DNS entries. The only way to protect against spoofing is to use DNSSEC. Unfortunately the bind code that verifys the certification chain of a DNS- SEC zone transfer does not properly check the return value of function DSA_do_verify(). This allows the spoofing of records signed with DSA or NSEC3DSA.