Debian Linux Security Advisory 1961-1 – Michael Sinatra discovered that the DNS resolver component in BIND does not properly check DNS records contained in additional sections of DNS responses, leading to a cache poisoning vulnerability. This vulnerability is only present in resolvers which have been configured with DNSSEC trust anchors, which is still rare.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/84202/dsa-1961-1.txt
Source: https://packetstormsecurity.com/files/84202/Debian-Linux-Security-Advisory-1961-1.html