SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA flaw was found in how BIND checked the return value of the OpenSSL DSA_do_verify() function. On systems that use DNSSEC, a malicious zone could present a malformed DSA certificate and bypass proper certificate validation, which would allow for spoofing attacks (CVE-2009-0025).
The updated packages have been patched to prevent this issue.
SolutionUpdate the affected packages.