Sam Trenholme's webpage
Support this website

MaraDNS 2.0.16 released


August 16 2018

I have released MaraDNS 2.0.16. This is a very minor security update.

==The issue==

Security fix: There was a theoretical issue with the cryptographic code in Deadwood, where a standards-compliant compiler might not generate correct secure random numbers (used for the query ID and query source port). I can not find a compiler which actually generates insecure code (I tested against gcc 3.2.3, gcc 4.8.5, gcc 7.3.0, clang 3.4.2, and clang 5.0.1), but in the interest of caution, I am making a security update, and have added tests to make sure this bug does not manifest itself when run against multiple compilers and compile flags (it's only an issue with -O2 and -O3 in clang using a different implementation of RadioGatĂșn[32]).

==Getting the update==

Lots of places to get the update:

Comments are closed.