http://www.vuxml.org/freebsd/70ae62b0-16b0-11dc-b803-0016179b2dd5.html "The vulnerability is caused due to predictable DNS "Transaction ID" field in DNS queries and can be exploited to poison the DNS cache of an application using the library if a valid ID is guessed."
CVE id's assigned: CVE-2007-3152, CVE-2007-3153
change of subject to not trip up bodhi
c-ares-1.4.0-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.