1 August 2008 @ 7:14Security Update 2008-005, Now with more secure!
Security Update 2008-005 fixes the BIND DNS cache poisoning vulnerability by updating BIND to 9.4.2-P1(Leopard) and 9.3.5-P1(Tiger). Also of note, this update addresses the OSA privilege escalation issue by not loading scripting addition plugins into applications running with system privileges. Other items affected by this update include CarbonCore, CoreGraphics, Data Detectors Engine, Disk Utility, OpenLDAP, OpenSSL, PHP, QuickLook, and rsync.
UPDATE: Andrew Storms at 360 Security points out that port randomization failed to make it into this security update. Port randomization is the currently accepted countermeasure to prevent DNS cache poisoning of BIND.