"The vulnerability is caused due to predictable DNS "Transaction ID" field in
DNS queries and can be exploited to poison the DNS cache of an application using
the library if a valid ID is guessed."
CVE id's assigned: CVE-2007-3152, CVE-2007-3153
change of subject to not trip up bodhi
c-ares-1.4.0-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.