Sam Trenholme's webpage
Support this website

Deadwood 3.2.03 released

 

December 20 2012

Deadwood has been updated. This is a bugfix-only release relative to Deadwood 3.2.02. The main change that will affect end-users is that Deadwood no longer uses the cache file if it's older than the dwood3rc file.

It can be downloaded here:

http://www.maradns.org/deadwood/stable/
Here is a full changelog:
  • Added a whole bunch of security validation to DwCompress.c (always make sure offsets are within bounds)
  • Deadwood now compiles with IPv6 support again
  • We now handle EasyDNS' bad truncation in a reasonable manner
  • Added new SQA test for es-us.noticias.yahoo.com issue in May/June 2012
  • Replaced "malloc" with "dw_malloc" wrapper (make it a little easier for embedded devs)
  • Updated INSTALL.txt (Windows 7; Deadwood's malloc use)
  • There is now a compile-time flag (-DSHOWPACKET) to see every single packet Deadwood receives (for debugging)
  • If /etc/deadwood is missing, we now tell them what the missing directory is
  • Made the underlying RNG a little faster and about 50 bytes smaller (I like keeping the Windows binary under 65,536 bytes in size)
  • Documented the difference between a string, numeric, and dictionary parameter
  • If the Deadwood cache file is older than the dwood3rc file, do not load the cache
  • SQA update: Netstat changed, breaking one of the SQA tests. These SQA tests have been updated to pass again (and should work when run against an older netstat)
  • SQA update: Sometimes the ttl ages one second, which made one of the tests sometimes fail.
  • OS Update: The supported OSes for Deadwood are now CentOS/RedHat 6 and Windows 7
Since it took a while to update things to get all of the SQA tests to pass, I am going to implement a policy to, every fourth month, not fix bugs or update documentation in Deadwood, but make sure that none of CentOS/RedHat 6's security updates have broken any of Deadwood's SQA tests. It would be nice if a routine security update did not say, as happened this time, change netstat's output, but it's very hard to force core system tools or the kernel not to change their behavior at all when the code is entirely open-source. Sometimes, you do get what you paid nothing for.

Speaking of open-source economics, I will not work on MaraDNS/Deadwood again until one day next month, after the 20th, unless a critical security bug with a CVE number is found.

In order to reduce spam, comments for this entry are now closed