bind is vulnerable to authorization bypass. The vulnerability exists as it was discovered that, in certain cases, named did not properly perform DNSSEC validation of an NS RRset for zones in the middle of a DNSKEY algorithm rollover. This flaw could cause the validator to incorrectly determine that the zone is insecure and not protected by DNSSEC.
lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
lists.fedoraproject.org/pipermail/package-announce/2010-December/051910.html
lists.fedoraproject.org/pipermail/package-announce/2010-December/051963.html
lists.vmware.com/pipermail/security-announce/2011/000126.html
secunia.com/advisories/42435
secunia.com/advisories/42459
secunia.com/advisories/42522
secunia.com/advisories/42671
securitytracker.com/id?1024817
slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.622190
support.apple.com/kb/HT5002
support.avaya.com/css/P8/documents/100124923
www.debian.org/security/2010/dsa-2130
www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
www.isc.org/software/bind/advisories/cve-2010-3614
www.kb.cert.org/vuls/id/837744
www.mandriva.com/security/advisories?name=MDVSA-2010:253
www.osvdb.org/69559
www.redhat.com/support/errata/RHSA-2010-0975.html
www.redhat.com/support/errata/RHSA-2010-0976.html
www.securityfocus.com/archive/1/516909/100/0/threaded
www.securityfocus.com/bid/45137
www.ubuntu.com/usn/USN-1025-1
www.vmware.com/security/advisories/VMSA-2011-0004.html
www.vupen.com/english/advisories/2010/3102
www.vupen.com/english/advisories/2010/3103
www.vupen.com/english/advisories/2010/3138
www.vupen.com/english/advisories/2010/3139
www.vupen.com/english/advisories/2010/3140
www.vupen.com/english/advisories/2011/0606
access.redhat.com/errata/RHSA-2010:0976
access.redhat.com/security/updates/classification/#important