Internet Systems Consortium announced the release of the BIND 9.6.1-P3 security patch to address two cache poisoning vulnerabilities, “both of which could allow a validating recursive nameserver to cache data which had not been authenticated or was invalid.”
More details follow below links
CVE-2010-0097
CVE-2009-4022v6