3
I Use This!
Moderate Activity

News

Analyzed about 9 hours ago. based on code collected 1 day ago.
Posted about 1 month ago
Security CVE-2023-50868: NSEC3 closest encloser proof can exhaust CPU validator: lower the NSEC3 iteration limit (150 -> 50) validator: similarly also limit excessive NSEC3 salt length cache: limit the amount of …
Posted 7 months ago
Security avoid excessive TCP reconnections in a few more cases Like before, the remote server had to behave nonsensically in order to inflict this upon itself, but it might be …
Posted about 1 year ago
Security avoid excessive TCP reconnections in some cases (!1380) For example, a DNS server that just closes connections without answer could cause lots of work for the resolver (and itself …
Posted over 1 year ago
Security fix CPU-expensive DoS by malicious domains - CVE-2022-40188 Improvements fix config_tests on macOS (both HW variants)
Posted over 1 year ago
Improvements support libknot 3.2 (!1309) priming module: hide failures from the default log level (!1310) reduce memory usage in some cases (!1328) Bugfixes daemon/http: improve URI checks to …
Posted almost 2 years ago
Improvements daemon/tls: disable TLS resumption via tickets for TLS <= 1.2 (#742, !1295) daemon/http: DoH now responds with proper HTTP codes (#728, !1279) renumber module: allow rewriting subnet …
Posted about 2 years ago
Improvements extended_errors: module for extended DNS error support, RFC8914 (!1234) policy: log policy actions; useful for RPZ debugging (!1239) policy: new action policy.IPTRACE for logging request origin (!1239 …
Posted about 2 years ago
Bugfixes fix bad zone cut update in certain cases (e.g. AWS; !1237)
Posted over 2 years ago
Improvements lua: add kres.parse_rdata() to parse RDATA from string to wire format (!1233) lua: add policy.domains() for exact domain name matching (!1228) Bugfixes policy.rpz: fix origin …
Posted over 2 years ago
Improvements lua: add kres.parse_rdata() to parse RDATA from string to wire format (!1233) lua: add policy.domains() for exact domain name matching (!1228) Bugfixes policy.rpz: fix origin detection …