writes “Remember the big DNS flaw that Dan Kaminsky ‘discovered’ last
year? Well, it looks like another flaw in DNS has just been patched.
This time it’s an item that affects DNSSEC, which was supposed to be
the savior for the Kaminsky flaw. The good news, though, is that this
time, the issue is relatively minor and DNS has already been patched.
‘The flaw is specific to certain usages of DNSSEC,’ Joao Damas, senior
programming manager of the ISC told InternetNews. ‘It is strongly
advised that all BIND DNSSEC deployments update in case they are using
the particular pattern affected (DSA keys in some cases) and to prevent
coming across the problem in the future unexpectedly.'”
Read more of this story at Slashdot.