[MARA] MaraDNS 1.2.12.08 release (stable release)
Sam Trenholme
sam+i7tq5rg at chaosring.org
Wed Aug 29 17:42:11 EDT 2007
Someone can send a specially crafted DNS packet to the DNS server that
will make an authoritative CNAME record not resolve. The workaround
to disable this denial of service is to add the following line to the
mararc file:
max_ar_chain = 2
The fix is to download MaraDNS 1.0.41/1.2.12.08/1.3.07.04,
which I just released, from the MaraDNS download page at
http://www.maradns.org/download.html or to download MaraDNS 1.2.12.08 from
the Sourceforge MaraDNS page at http://sourceforge.net/projects/maradns
All distributions are strongly encouraged to update to 1.2.12.08, or
to 1.0.41 if still using the 1.0 branch of MaraDNS. Please, remember,
1.0 users, that non-security bugfixes in MaraDNS 1.0 will no longer be
applied after December 21 of this year.
- Sam
More information about the list
mailing list