[MaraDNS list] MaraDNS 1 (legacy) security bugfix
Sam Trenholme
maradns at gmail.com
Sat Mar 17 13:10:02 EDT 2012
Security fix for MaraDNS 1: Maximum TTL is now one day, to avoid ghost
domain-style attacks with the legacy version of MaraDNS. This is akin
to the recent Deadwood update.
It can be downloaded here:
http://www.maradns.org/download/1.4/
http://www.maradns.org/download/1.3/
Updated changelog is at http://maradns.org/changelog.html
Patch is at http://maradns.org/download/patches/security/maradns-1.4.11-ghostdomain.patch
I plan to work on MaraDNS/Deadwood again one day this month, after the
20th, unless a critical security bug is found.
- Sam
More information about the list
mailing list