Free Republic
Browse · Search
News/Activism
Topics · Post Article

To: Knitebane
> Grrrr. This is NOT a DNS flaw. This is a flaw in BIND, a particular piece of software that does DNS...

I know, and agree...

But hey... when a software programmer doesn't do bounds-checking on a stack-allocated buffer, they don't describe the flaw as a "failure to check bounds", they call it a "buffer overflow", even though it wasn't the buffer's fault.

19 posted on 08/07/2008 1:46:08 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)


To: dayglored
> But hey... when a software programmer doesn't do bounds-checking on a stack-allocated buffer, they don't describe the flaw as a "failure to check bounds", they call it a "buffer overflow", even though it wasn't the buffer's fault.

Actually, I think there's something more insidious going on here.

BIND is written by ISC. ISC makes its livelihood off of consulting for BIND (and other ISC products).

It is not in ISC's interest to build software that is easy to understand. There's no use for BIND consultants if anyone can do it.

DNS isn't rocket science. All it does is take a request for a word and match it up with a number. ISC's implementation of DNS is far too complicated for what it does.

Complicated software (especially configuration) is the bane of security. Hard-to-configure software is hard to secure.

BIND does authoritative DNS, DNS caching, DNS zone transfer and encryption all in one huge binary. The config file is picky, picky, picky about syntax. An incorrect entry will either go ahead and load your data incorrectly or silently refuse to load at all.

I got bit by a BIND flaw back in 1999 at which time I did a lot of research into how such a seemingly simple service could be host to so many security flaws.

And the answer is simple. BIND is a bloated, buggy beast. It's the Windows of DNS software, that is, it's the best known and most used, but completely crap.

21 posted on 08/07/2008 2:08:09 PM PDT by Knitebane (Happily Microsoft free since 1999.)

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson