-
Notifications
You must be signed in to change notification settings - Fork 65
/
CHANGELOG.TXT
752 lines (580 loc) · 28.6 KB
/
CHANGELOG.TXT
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
MaraDNS changelog
maradns-3.5.0036:
This is a stable release of MaraDNS:
* One line fix in the old decompression code from 2002
(2023-05-02)
maradns-3.5.0035:
This is a stable release of MaraDNS:
* Hotfix: Block hashes now work in the Windows compile of
Deadwood
* Markdown version of documents added
* Minor doc fixes
(2022-12-21)
maradns-3.5.0034:
This is a stable release of MaraDNS:
* “block hash” tools completed: blockHashRead and blockHashMake
* Block hash tools now install with MaraDNS and have man pages
* Deadwood now has block hash support: The ability to block over
200,000 domains while using only 10 megabytes of memory or so
* Block hash information added to Deadwood man page
* Update Lunacy documentation to be consistent with the MaraDNS
version of Lunacy (which, unlike the standalone
version at https://github.com/samboy/lunacy, does not have
spawner or lfs)
* Because some servers in early 2011 responded to AAAA queries
with “server fail”, Deadwood treated these server fails as
“no AAAA there”. This made IPv6 more fragile; here in 2022
those poorly designed DNS servers look to be no more, so we can
correctly treat “server fail” for AAAA queries as “try again”.
(2022-12-19)
maradns-3.5.0033:
This is a stable release of MaraDNS:
* coLunacyDNS now uses the 2022-12-06 version of Lunacy; this means
the Lunacy Git version and the version in MaraDNS are the same
code (albeit without lfs or spawner in the MaraDNS version)
* Lunacy (Lua 5.1 fork) now uses editline (and *not* readline)
for history
* coLunacyDNS update to 1.0.014: RFC8482 packets now have a 0 TTL,
and the underlying Lunacy (Lua 5.1) code is now based on the
2022-12-06 version of Lunacy
* Begin work on “block hash” support. The plan is to use these
“block hash” files to allow Deadwood to have a large list of
hosts to block (a large blocklist or “naughty list”) while using
a minimum amount of memory without sacrificing performance.
(2022-12-06)
maradns-3.5.0032:
This is a stable release of MaraDNS:
* "make install" now installs coLunacyDNS and lunacy
* "make uninstall" now properly removes files, and disables
the maradns/colunacydns/deadwood systemd services
(2022-11-29)
maradns-3.5.0031:
This is a stable release of MaraDNS:
* "make install" now installs working files to start MaraDNS at
system start up in Ubuntu22.04 (systemd).
* While there are no plans to remove the support, the script called
by "make install" no longer attempts to install system startup
files on systems without systemd unless called with a
special "--unsupported" argument.
* Duende man page updated to note systemd does everything Duende
does on non-systemd systems.
* Since MaraDNS has Duende, no need for Deadwood to have Duende
too.
(2022-11-28)
maradns-3.5.0030:
This is a stable release of MaraDNS:
* MaraDNS no longer accepts ANY queries as per RFC8482. The older
behavior can be restored by editing MaraDNS’ configuration file.
* maradns.exe updated to 2022-11-26 to have RFC8482 compliant
behavior.
* MaraDNS automated tests updated to pass with RFC8482 behavior
(2022-11-26)
maradns-3.4.09:
This is a legacy release of MaraDNS:
* MaraDNS and Deadwood no longer allow ANY queries as per RFC8482
(2022-11-25)
maradns-3.5.0029:
This is a stable release of MaraDNS:
* Deadwood now implements RFC8482: All ANY and HINFO queries now
return a RFC8482 reply by default. The older behavior can be
restored by editing Deadwood’s configuration file.
* Documentation updates: Updated security bug reporting policy,
Document maradns.exe for Windows is unsupported, document
new rfc8482 behavior, note changes made for MaraDNS 3.4.08,
etc.
* Windows builds of Deadwood now use dates for version numbers.
This way, I don’t need to update the .exe binary if a release
without Deadwood source changes is made.
(2022-11-25)
maradns-3.4.08:
This is a legacy release of MaraDNS:
* Y2038 fixes backported to the 3.4 version of MaraDNS and Deadwood
* Windows32 binaries of the 3.4 version of MaraDNS/Deadwood updated
(2022-11-19)
maradns-3.5.0028:
This is a stable release of MaraDNS:
* Y2038 issues with MaraDNS for win32 have been addressed.
* maradns.exe restored; things tested and look to run after Y2038
* Clarify that MaraDNS needs restart to reload zones in man pages
(2022-11-17)
maradns-3.5.0027:
This is a stable release of MaraDNS:
* HOTFIX: 3.5.0026 introduced a bug where zone files without a SOA
record last edited before mid-2020 would have an incorrect
serial in the synthetic SOA record. Fixed.
* Y2038 fix for serials in zone files without a SOA edited after
the Y2038 cutoff on systems with a 32-bit time_t.
* Only update Deadwood.exe in Git when doing the win32 build.
(2022-11-12)
maradns-3.5.0026:
This is a stable release of MaraDNS:
* coLunacyDNS updated to 1.0.012 (minor speed up with the SipHash
code)
* A number of old unused tests and scripts moved over to
https://github.com/samboy/MaraDNS-attic This is old stuff
which hasn’t beed used for about 15 years.
* Fixing minor potential Y2038 issues in MaraDNS and Deadwood code
base.
* Since localtime() won’t work come 2038 if time_t is 32-bit,
I have updated code to not show localtime() derived timestamps
if time_t is 32 bits. I would rather not show any timestamp than
show one with a wrong date come 2038, and people with a 64-bit
time_t (pretty much any system from the last five years) will
see no change. This only affects MaraDNS’s logging, and only
in the rare case of timestamp_type being set in a mararc
file.
* Deadwood has a feature where it won’t load the cache if the
dwood3rc file has been changed more recently than the cache
file. This feature has been disabled on systems with a 32-bit
time_t; the workaround is for the user to be sure to delete their
cache after they alter their dwood3rc file (or to upgrade to a
system with a 64-bit time_t). This is only in effect if
cache_file is set and used.
* Synthetic serial numbers now have their highest possible value be
in the year 2841 or 4294; serials are now, as per RFC1035, unsigned
32-bit numbers. If you’re in the 2800s and reading this, thank
you for using my code so many years later, and synthetic SOA
serials will wrap around, so be sure your secondaries only
require the serial to change and that it doesn’t have to
increment. Another option for 29th century MaraDNS users
is to have SOA records in your zone files and set the serial
by hand.
(2022-11-11)
maradns-3.4.07:
This is a legacy release of MaraDNS:
* Deadwood updated to 3.4.07
- doc/Deadwood.txt was blank file. Fixed.
- Deadwood’s document building process now uses the 3.5 Lua
instead of the older 3.4 Perl scripts.
- Have doc/Makefile be compatible with maramake
* Since MaraDNS 3.5 now uses maramake as the official make platform,
update the 3.4 branch to work with the 3.5 toolchain, so I do not
have to maintain two toolchains.
* MaraDNS 3.4 still uses the Perl scripts and Lynx/Links to build
documents; only Deadwood’s document processing has been updated
(but this will probably change in a future 3.4 release, again so
I only have to maintain one toolchain)
(2022-11-10)
maradns-3.5.0025:
This is a stable release of MaraDNS:
* The ej2man, ej2txt, and ej2html tools have been rewritten in
Lua 5.1
* The old ej tools are now at https://github.com/samboy/MaraDNS-attic/
* bind2csv2.py now at https://github.com/samboy/MaraDNS-attic/
* All documents now render with the Lua EJ tools
* Makefiles are now POSIX compliant, as long as the make
implementation allows / in make targets
* Tweak Deadwood Makefile to not regenerate DwRandPrime.h
(2022-10-31)
maradns-3.5.0024:
This is a stable release of MaraDNS:
* Minor security fix for Deadwood to ensure that no more than 83
queries are made to solve a given request when run as a fully
recursive server. This only affects setups where root_servers
is set in the Deadwood dwood3rc configuration file.
* Some Deadwood tests have been made more robust so they are much
less likely to randomly fail.
* Update Alpine 3.14 Dockerfile to have lua5.1-bit32 and patch.
This Docker image can test both the legacy 3.4 and the current
3.5 branches of MaraDNS.
* Deadwood no longer changes its random prime for the hash
compressor every time it is compiled, unless the new
Makefile.randomprime file is used.
* The ej tools to make the MaraDNS documentation are now unified.
ej is a format I came up with in early 2002 to give MaraDNS
a unified documentation format.
* Move coLunacyDNS to the top-level directory instead of hiding
it in deadwood-${VERSION}/tools/ lunacy is now in coLunacyDNS/
instead of deadwood-${VERSION}
* Begin work on making Lua versions of the ej tools, to remove
the final Perl dependency MaraDNS currently has. Right now
we have a Lua script to convert .ej files in to .html files.
We are still using the Perl tools to make documents until
this work is done and tested.
* time-test.c tool added to make sure we will be OK after Y2038
on systems with a 32-bit time_t. Yes, MaraDNS is Y2038
compliant on such systems as long as the underlying timestamp
is being updated.
* Update the version of lunacy (Lua 5.1 fork) included with
MaraDNS to fix a theoretical issue with its RadioGatun[32]
implementation, and to give lunacy lunacy.today() support
(so that we can use the lunacy included with MaraDNS to
build the MaraDNS documents)
(2022-10-24)
maradns-3.4.06:
This is a legacy release of MaraDNS:
* Minor security fix for Deadwood to ensure that no more than 83
queries are made to solve a given request when run as a fully
recursive server. This only affects setups where root_servers
is set in the Deadwood dwood3rc configuration file.
(2022-10-24)
maradns-3.4.05:
This is a legacy release of MaraDNS:
* Deadwood updated to 3.4.05
* Deadwood tests are now 3.4 backports of the current 3.5 tests
* Legacy testing platform is now Alpine 3.14. See the Dockerfile
in the Deadwood sqa directory for the full platform setup.
* MaraDNS tests are now the current 3.5 MaraDNS tests (no backporting
needed)
* All regression tests pass again
* rg32hash.tar.gz, used for testing, added to Deadwood 3.4 tree
* No security fixes
(2022-10-18)
maradns-3.5.0023:
This is a stable release of MaraDNS:
* Testing update: All tests can run in a Ubuntu 22.04 Docker image
or an Alpine Linux 3.14 Docker image. Both Dockerfiles are
included.
* Testing update: Perl scripts no longer used for the regression
tests
* Bugfix: min_ttl now works for all cached entries
* Recursive update: CNAME chains with out-of-bailiwick records
are now resolved the same way as other DNS servers
* Development environment updated to Ubuntu 22.04
* Documentation clean up and updates
(2022-10-17)
maradns-3.4.04:
This is a legacy release of MaraDNS:
* Deadwood updated to 3.4.04 (no security updates)
- Backport min_ttl to legacy branch
- Some minor code cleanup
(2022-10-16)
maradns-3.4.03:
This is a legacy release of MaraDNS:
* Backport CVE-2022-30256 to MaraDNS 3.4
(2022-08-03)
maradns-3.5.0022:
This is a stable release of MaraDNS:
* Make incomplete last line non-fatal in Windows
* Documentation updates based on user feedback
* New Deadwood parameter: maxttl_reduce_labels for tweaking
how many lables a DNS label for a NS referral can have before
reducing its TTL.
* Mitigations for an issue where “ghost domains” could stay
in the cache longer. This is a medium impact security
issue which should be described in CVE-2022-30256.
(2022-05-07)
maradns-3.5.0021:
This is a stable release of MaraDNS:
* MaraDNS now, by default, will compile with IPv6 support.
See MaraDNS GitHUB ticket #97 for discussion.
* One line patch for coLunacyDNS against CVE-2014-5461. This
only affects coLunacyDNS (not MaraDNS and not Deadwood), and
in the context of coLunacyDNS, I can not reproduce the exploit,
and only people running untrusted Lua scripts would be vulnerable.
(2021-07-28)
maradns-3.5.0020:
This is a stable release of MaraDNS:
* New parameter: source_ip4, to specify the source IP when sending a
query to an upstream or authoritative DNS server.
* Makefile.centos8 file for Deadwood renamed Makefile.Ubuntu2004 (i.e.
it’s now a Makefile for Ubuntu 20.04)
(2021-05-15)
maradns-3.5.0019:
This is a stable release of MaraDNS:
* One line change to zoneserver.c to make it work better with systemd
* Synthetic IP generator example (e.g. 10.1.2.3.ip4.internal
resolves to 10.1.2.3) added to coLunacyDNS documentation
(2021-03-16)
maradns-3.5.0018:
This is a stable release of MaraDNS:
* coLunacyDNS updated to 1.0.010 (Ubuntu 20.04 testing found a
minor select() bug)
* Since RedHat has broken their pinky promise to support CentOS 8
until 2029, MaraDNS has moved from CentOS 8 to Ubuntu 20.04 LTS
(RPM .spec files removed; Docker container now runs Ubuntu 20.04)
(2020-12-20)
maradns-3.5.0017:
This is a stable release of MaraDNS:
* coLunacyDNS update: We can now specify the “Authoritative”
and “Recursion available” flags in the reply.
* coLunacyDNS update: We can now specify a TTL for the reply,
to be anywhere from 0 seconds (do not cache) to a little over
90 days.
* coLunacyDNS version updated to be 1.0.009.
(2020-10-02)
maradns-3.5.0016:
This is a stable release of MaraDNS:
* Unstable mmLunacyDNS code removed from tree (coLunacyDNS can do
anything mmLunacyDNS could do)
* coLunacyDNS bug fixes: We return with an error if the Lua code
attempts to return an invalid IPv4 address to the client (before,
the code incorrectly returned 255.255.255.255)
* coLunacyDNS returns helpful errors if the processQuery return
value is invalid in various ways.
* coLunacyDNS now has 100%* testing coverage. *Some sanity tests
which protect coLunacyDNS from security threats which can not
be readily reproduced are disabled in testing mode.
* coLunacyDNS is now at version 1.0.008
(2020-09-01)
maradns-3.5.0015:
This is a stable release of MaraDNS:
* coLunacyDNS is now a stable release (1.0.007) with a full
SQA testing suite and well over 90% code coverage in its tests.
* mmLunacyDNS has been removed; coLunacyDNS can do everything
mmLunacyDNS could do, and this saves me the bother of
maintaining two code bases.
* askmara now compiles with IPv6 support (the code has been
there, but is finally getting enabled)
(2020-08-29)
maradns-3.5.0014:
This is a stable release of MaraDNS (note that coLunacyDNS and
mmLunacyDNS are unstable):
* coLunacyDNS’s Lua script can now specify IPv6 addresses in
standard “colon” format, e.g. co1Data="2001:db8::1"
* coLunacyDNS now handles ANY (and HINFO) queries as per RFC8482
* coLunacyDNS documentation updates: Various cleanup. Also,
the example coLunacyDNS .lua files now return “not there”
when we ask for a hostname which does not have a given record.
(2020-08-20)
maradns-3.5.0013:
This is a stable release of MaraDNS (note that coLunacyDNS and
mmLunacyDNS are unstable):
* coLunacyDNS now has support for binding to IPv6 addresses. Both
the *NIX (Linux) and the Windows32 binary can bind to an IPv6
socket.
* Some other bug fixes and cleanup, mainly with coLunacyDNS.
(2020-08-19)
maradns-3.5.0012:
This is a stable release of MaraDNS (note that coLunacyDNS and
mmLunacyDNS are unstable):
* mmLunacyDNS security fix: We now use a secure hash compression
function (HalfSipHash-1-3) for string hashing.
* coLunacyDNS: hash compression function updated from 64-bit
SipHash-2-4 to 32-bit HalfSipHash-1-3. Compile time warnings
removed from code.
* lunacy: The code by default now uses HalfSipHash-1-3 for string
hash compression. Default compile optimization is now -O3
(2020-08-12)
maradns-3.5.0011:
This is a stable release of MaraDNS:
* min_ttl parameter added; this is the minimum time we keep a
record in the cache (in seconds)
* Deadwood now compiles with IPv6 support by default. For
systems without IPv6 support, -DNOIP6 can be set when
compiling Deadwood.
* Automated tests now all run inside of Podman (Docker) container
and all pass. Tests are now completely automated, and can run
from cron (and can be adapted to run inside Jenkins).
(2020-08-10)
maradns-3.5.0010:
This is a stable release of MaraDNS:
* Hotfix: coLunacyDNS no longer fails after 20 calls to
processQuery() (we now properly clean the main stack before
calling processQuery() in a co-routine).
* Security update: MaraDNS, Deadwood, and Duende now default to
the user ID 707 instead of 99/66. This minimizes the chances
of the user used by MaraDNS being used by other processes,
which could be a security leak under some circumstances. The
problem with running multiple services as "nobody" is that
the "nobody" account is only as secure as the least secure
service running as that account.
* coLunacyDNS feature update: coLunacyDNS can now open and
read files (for security reasons, only in the same directory
coLunacyDNS is running in). In addition, the code to implement
IPv6 sockets is well under way.
(2020-08-06)
maradns-3.5.0009:
This is a stable release of MaraDNS:
* Add new program: coLunacyDNS. This is a DNS server which runs a
Lua function every time it gets a DNS query. It uses Lua
threads ("co-routines") to have a function which can get a
DNS packet from an upstream server and return the result for
processing by the Lua script (doing all this required setting up
an entire select()-based state machine). coLunacyDNS also supports
sending proper "not there" replies and both sending and
receiving IPv6 DNS records (but presently only over IPv4).
* Deadwood ip6 records can now have dashes and spaces in them
to make reading a 128-bit IP easier.
* SQA tests have been updated to run in CentOS 8.
(2020-08-03)
maradns-3.5.0008:
This is a stable release of MaraDNS:
* Add new program: mmLunacyDNS. This is an updated version of the
microdns program, a program which always returns the same IP for
any DNS query given to it, with Lua scripting support (so we
can customize what gets logged, return different IPs for
different queries, and ignore non-IPv4 IP address queries).
The program can also run as a Windows service. The script can
only return IPv4 IP addresses or ignore queries, but it’s quite
flexible given those limitations.
* Since mmLunacyDNS has Lua support, we now include the full source
of my fork of Lua 5.1, “Lunacy”. The reason why I am using an
older version of Lua is because this is the version of Lua
supported by LuaJIT, and I like having the option of increasing
performance with LuaJIT without breaking existing Lua-based
configuration files.
* Deadwood logging update: Only note if one can not open cache when
verbose_level is 10 or more (since this is mostly harmless).
This is a non-fatal error which can be safely ignored. The cache
file just keeps copies of previously resolved DNS names around
between invocations of Deadwood; if the cache file can’t be read,
then DNS resolution might be a bit slower for some names after
starting up Deadwood, but everything will be OK.
* I have added the ability to have multiline comments in Deadwood
configuration files by using _rem={ at the beginning of a line;
this indicates that a comment should continue until a } character
is seen. The reason for the unusual syntax is so that we can have
multi-line comments in script files which are compatible with
Deadwood, Lua, and Python.
(2020-07-24)
maradns-3.5.0007:
This is a stable release of MaraDNS:
* Update name of “ip_blacklist” to be “ip_blocklist”. The
old name "ip_blacklist" still works (and I have no plans to
remove it), but “ip_blocklist” is more up to date.
* Note in some older documents that while “primary” and “replica”
are more up to date ways of saying “master” and “slave”, the
documents will, in the interest of compatibility, retain the
“master” and “slave” wording.
(2020-07-07)
maradns-3.5.0006:
This is a stable release of MaraDNS:
* Deadwood configuration files can not have leading space in them.
Deadwood no longer uses a subset of Python2 syntax, since Python2
is now post-End of life.
(2020-07-01)
maradns-3.5.0005:
This is a stable release of MaraDNS:
* MaraDNS is now fully supported in Cygwin
* Windows port of MaraDNS no longer includes maradns.exe; we instead
tell people how to compile MaraDNS in Cygwin. Note We continue to
fully support Deadwood for Windows, which is a proper Windows
service (unlike the old maradns.exe).
* Dockerfile now creates Docker image with working instance of
MaraDNS. This is still a work in progress; one currently needs to
enter the Docker container to change MaraDNS configuration files.
* Version number fixed when compiling a MaraDNS release.
(2020-06-02)
maradns-3.5.0004:
This is a stable release of MaraDNS:
* maximum_cache_elements no longer needs to include blocklist, root
server, upstream server, or synthetic IP elements.
* Documentation updates, mainly for maximum_cache_elements change
(2020-04-18)
maradns-3.5.0003:
This is a stable release of MaraDNS:
* Added support for blocklists as per GitHub issue #69 and GitHub
issue #70
* Minimize memory usage of blocklists by allowing the same entry to
be used for IPv4 and IPv6
(2020-04-16)
maradns-3.5.0002:
This is a stable release of MaraDNS:
* Documentation and other updates and cleanups.
* Windows port no longer needs to have secret.txt file to run; the
Deadwood Windows port now uses the Windows call CryptGenRandom() to
get entropy.
(2020-02-03)
maradns-3.5.0001:
This is a stable release of MaraDNS:
* bind2csv2.py updated to run in Python3.
* This is the first “One Source of Truth” release of MaraDNS: All
files in the release are derived directly from the Git version of
MaraDNS.
* Github history going back to 2014 is now included as part of the
source code tarball.
* Scripts to test the Git version of MaraDNS, to make the Windows
binaries, and to convert the Git version in to a tarball and
Windows zipfile added.
(2020-01-25)
maradns-3.4.02:
This is a stable release of MaraDNS:
* Tests updated to run and pass in CentOS 7
* Fix typo in asktest.c.
* Deadwood: Issue building Deadwood from the GitHub tree in CentOS8
fixed
* Deadwood: Update Windows documents in Deadwood source code tarball
(2020-01-16)
maradns-3.4.01:
This is a stable release of MaraDNS:
* Deadwood updated to 3.4.01
(2019-10-24)
Important: Deadwood 3.4.01 is updated to use the Quad9 upstream DNS
servers as the default. If the old behavior of using the ICANN name
servers as root servers is desired, add the following lines to one’s
dwood3rc file:
root_servers = {}
root_servers["."]="198.41.0.4,"
root_servers["."]+="199.9.14.201,"
root_servers["."]+="192.33.4.12,"
root_servers["."]+="199.7.91.13,"
root_servers["."]+="192.203.230.10,"
root_servers["."]+="192.5.5.241,"
root_servers["."]+="192.112.36.4,"
root_servers["."]+="198.97.190.53,"
root_servers["."]+="192.36.148.17,"
root_servers["."]+="192.58.128.30,"
root_servers["."]+="193.0.14.129,"
root_servers["."]+="199.7.83.42,"
root_servers["."]+="202.12.27.33"
Please note: The above list of IPs is current as of 2019-04-07, and was
last changed in October of 2017.
Please go to root-servers.org to get an up-to-date list of root
servers.
maradns-3.3.03:
This is a development release of MaraDNS.
* Updated numbering system to give MaraDNS the same version number as
Deadwood.
* Deadwood updated to 3.3.03.
* Document how star records work.
(2019-09-28)
maradns-2.0.17:
This is the stable release of MaraDNS. No security updates were made.
* Deadwood updated to 3.2.14
* Default max_mem value doubled as discussed in GitHub issue #52.
(2019-01-20)
maradns-2.0.16:
This is the stable release of MaraDNS. A very minor security update was
made.
* Deadwood updated to 3.2.12
(2018-08-16)
maradns-2.0.15:
This is the stable release of MaraDNS. No security updates were done in
this release.
* Deadwood updated to 3.2.11
(2018-02-05)
maradns-2.0.14:
This is the stable release of MaraDNS. No security updates were done in
this release.
* Deadwood updated to 3.2.10
(2017-06-10)
maradns-2.0.13:
This is the stable release of MaraDNS.
* Two non-critical buffer overflows from ParseMaraRc fixed. One can
never be exploited; the other one can only be exploted by the
(usually) root user by writing to the system mararc file.
* Deadwood updated to 3.2.09
(2015-09-25)
maradns-2.0.12:
This is the stable release of MaraDNS.
* Security fix for improper free() in zoneserver
* Deadwood updated to 3.2.08
* Zone transfers now work with newer versions of dig
* Documentation updates
(2015.08.19)
maradns-2.0.11:
This is the stable release of MaraDNS.
* Deadwood updated to 3.2.07
(2015.01.30)
maradns-1.4.16:
This is the final MaraDNS 1 release. Please be aware that MaraDNS 1 has
at least one unpatched security hole
This is the legacy branch of MaraDNS. Please upgrade to MaraDNS 2. All
MaraDNS 1 support ends on June 21, 2015.
* Deadwood updated to 3.2.07
(2015.01.30)
maradns-2.0.10:
This is the stable release of MaraDNS.
* Deadwood updated to 3.2.06
* Zoneserver now compiles and runs in Cygwin (so Windows users can
have DNS-over-TCP support).
(2015.01.24)
maradns-1.4.15:
This is the legacy branch of MaraDNS. Please upgrade to MaraDNS 2. This
will probably be the final MaraDNS 1 release; all MaraDNS 1 support
ends on June 21, 2015.
* Deadwood updated to 3.2.06
* CERT vulnerability VU#264212 update: max_glueless_level now
defaults to 4 instead of 10
(2015.01.24)