Subject: dnsmasq version 2.43 released.
Newsgroups: gmane.network.dns.dnsmasq.general
Date: 2008-07-11 10:19:34 GMT (51 weeks, 21 hours and 56 minutes ago)
Dnsmmasq version 2.43 is now available at: http://thekelleys.org.uk/dnsmasq/dnsmasq-2.43.tar.gz http://thekelleys.org.uk/dnsmasq/dnsmasq-2.43.tar.lzma This release includes the fixes needed to secure dnsmasq against the security problems described in CERT VU#800113 http://www.kb.cert.org/vuls/id/800113 The changes from 2.42 are as follows. Updated Polish translation. Thanks to Jan Psota. Flag errors when configuration options are repeated illegally. Further tweaks for GNU/kFreeBSD Add --no-wrap to msgmerge call - provides nicer .po file format. Honour lease-time spec in dhcp-host lines even for BOOTP. The user is assumed to known what they are doing in this case. (Hosts without the time spec still get infinite leases for BOOTP, over-riding the default in the dhcp-range.) Thanks to Peter Katzmann for uncovering this. Fix problem matching relay-agent ids. Thanks to Michael Rack for the bug report. Add --naptr-record option. Suggestion from Johan Bergquist. Implement RFC 5107 server-id-override DHCP relay agent option. Apply patches from Stefan Kruger for compilation on Solaris 10 under Sun studio. Yet more tweaking of Linux capability code, to suppress pointless wingeing from kernel 2.6.25 and above. Improve error checking during startup. Previously, some errors which occurred during startup would be worked around, with dnsmasq still starting up. Some were logged, some silent. Now, they all cause a fatal error and dnsmasq terminates with a non-zero exit code. The errors are those associated with changing uid and gid, setting process capabilities and writing the pidfile. Thanks to Uwe Gansert and the Suse security team for pointing out this improvement, and Bill Reimers for good implementation suggestions. Provide NO_LARGEFILE compile option to switch off largefile support when compiling against versions of uclibc which don't support it. Thanks to Stephane Billiart for the patch. Implement random source ports for interactions with upstream nameservers. New spoofing attacks have been found against nameservers which do not do this, though it is not clear if dnsmasq is vulnerable, since to doesn't implement recursion. By default dnsmasq will now use a different source port (and socket) for each query it sends upstream. This behaviour can suppressed using the --query-port option, and the old default behaviour restored using --query-port=0. Explicit source-port specifications in --server configs are still honoured. Replace the random number generator, for better security. On most BSD systems, dnsmasq uses the arc4random() RNG, which is secure, but on other platforms, it relied on the C-library RNG, which may be guessable and therefore allow spoofing. This release replaces the libc RNG with the SURF RNG, from Daniel J. Berstein's DJBDNS package. Don't attempt to change user or group or set capabilities if dnsmasq is run as a non-root user. Without this, the change from soft to hard errors when these fail causes problems for non-root daemons listening on high ports. Thanks to Patrick McLean for spotting this. Updated French translation. Thanks to Gildas Le Nadan. In addition to those people mentioned in the changelog, many thanks are due to the members of the dnsmasq-discuss mailing list who did the rapid testing needed to get this release out in a timely manner. Cheers, Simon.