I've noticed that nobody seems to have accurate information about CVE-2006-2073 on file. This was a vulnerability in handling TSIG-based authentication *after* authentication, so it wasn't a high priority issue. What was the first BIND version that fixed it?