Support this website
I have released MaraDNS 2.0.16. This is a very minor security update.
Security fix: There was a theoretical issue with the cryptographic code in Deadwood, where a standards-compliant compiler might not generate correct secure random numbers (used for the query ID and query source port). I can not find a compiler which actually generates insecure code (I tested against gcc 3.2.3, gcc 4.8.5, gcc 7.3.0, clang 3.4.2, and clang 5.0.1), but in the interest of caution, I am making a security update, and have added tests to make sure this bug does not manifest itself when run against multiple compilers and compile flags (it's only an issue with -O2 and -O3 in clang using a different implementation of RadioGatĂșn[32]).
Lots of places to get the update:
- https://
maradns. samiam. org/ download. html - https://github.com/
samboy/MaraDNS - https://
sourceforge. net/ projects/ maradns/
Comments are closed.