Sam Trenholme's webpage

MaraDNS 2.0.06 and 1.4.11

 

March 11 2012

I have updated MaraDNS to use Deadwood 3.2.02. Deadwood 3.2.02 is a security update to Deadwood 3.2.01. This update has been done in both MaraDNS 2 and MaraDNS 1.4; MaraDNS 2.0.06 and MaraDNS 1.4.11 are the releases with this update. MaraDNS 1.3 is not affected because it does not include Deadwood.

For people who want to file a CVE report: Deadwood releases before Deadwood 3.2.02 allow entries to remain in the cache for a long time. In light of the Ghost domain exploit (PDF file), this is a security problem.

Deadwood 3.2.02 is updated to only allow entries to remain in the cache for one day. If max_ttl is set, one can choose to store entries in the cache for up to 90 days.
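The capping rule described above, sketched as an added example; this is not Deadwood's source code. The function names are hypothetical, treating a configured value of 0 as "max_ttl not set" is an assumption, and the RFC 2181 handling of a TTL with the top bit set goes beyond what the post states.

```c
#include <stdint.h>
#include <stdio.h>

#define DAY_SECS      86400u            /* default cap per the post: one day */
#define MAX_TTL_LIMIT (90u * DAY_SECS)  /* upper bound per the post: 90 days */

/* Hypothetical helper: resolve the cap from a configured max_ttl.
 * 0 means "not set" (assumption); larger values are held to 90 days. */
uint32_t effective_max_ttl(uint32_t configured) {
    if (configured == 0) return DAY_SECS;
    return configured > MAX_TTL_LIMIT ? MAX_TTL_LIMIT : configured;
}

/* Lifetime granted to a record whose TTL came off the wire. The upstream
 * TTL is untrusted input, so it never exceeds the local cap.
 * RFC 2181 section 8: a TTL with the top bit set is treated as zero. */
uint32_t cache_lifetime(uint32_t wire_ttl, uint32_t configured) {
    uint32_t cap = effective_max_ttl(configured);
    if (wire_ttl & 0x80000000u) return 0;
    return wire_ttl > cap ? cap : wire_ttl;
}

/* Absolute expiry fixed at insertion; 64-bit so now + ttl cannot wrap. */
uint64_t cache_expiry(uint64_t now, uint32_t wire_ttl, uint32_t configured) {
    return now + cache_lifetime(wire_ttl, configured);
}

/* An entry may be served only while the current time is before its expiry. */
int cache_entry_live(uint64_t expiry, uint64_t now) {
    return now < expiry;
}

int main(void) {
    /* Constructed sample TTLs: 5 minutes, 2 days, 2^31-1, top bit set. */
    uint32_t ttls[] = { 300u, 172800u, 0x7fffffffu, 0x80000001u };
    for (size_t i = 0; i < sizeof ttls / sizeof ttls[0]; i++)
        printf("wire ttl %10u -> default %6u, max_ttl=90d %8u\n",
               (unsigned)ttls[i],
               (unsigned)cache_lifetime(ttls[i], 0),
               (unsigned)cache_lifetime(ttls[i], MAX_TTL_LIMIT));
    return 0;
}
```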

It can be downloaded here:

http://www.maradns.org/download/2.0/2.0.06/

http://www.maradns.org/download/1.4

I plan to work on MaraDNS/Deadwood again one day this month, after the 20th, unless a critical security bug is found.

To post a comment about an entry, send me an email and I may or may not post your comment (with or without editing)
