PowerDNS & Random
Just to add my two bits. Amit Klein informed us in a very proper manner of our deficient random generator, and was helpful in finding a good replacement. We implemented his suggestion of going to AES in CTR-mode, which appears to work very well.
I can understand why not everybody goes down this route though - we've already had problems with people being unable to distribute PowerDNS because it suddenly contains 'encryption'.
DNS is vulnerable enough as it is, even with good random. Bad random is inexcusable. For more details, see http://tools.ietf.org/html/draft-ietf-dnsext-forgery-resilience-03