PyDNS (aka python-dns) before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.
Created python-pydns tracking bugs for this issue Affects: F8 [bug #462765] Affects: F9 [bug #462766] Affects: Fdevel [bug #462767] Affects: epel-5 [bug #462768]
Current Fedora and EPEL have 2.3.3, so this is no longer an issue there.