Just to let you know, this upgrade went perfectly on generic-pc, thanks
again Manual for providing such a great firewall and resolving issuses so
quickly. Dnsmasq patch fixed my last upgrade problem, I use the dns
forwarder a lot, turning it off for b12 would have cut my access to my dmz
servers which would not have been good.
From: Manuel Kasper [mailto:mk at neon1 dot net]
Sent: Wednesday, July 09, 2008 5:32 PM
Subject: [m0n0wall] Preliminary release 1.3b13-pre (-> DNS insecurity panic)
in light of the recent CERT advisory about more DNS cache poisoning
vulnerabilities in all DNS server software (discovered by Dan Kaminsky), the
author of Dnsmasq has released version 2.43rc3 of his DNS forwarder
software, which is used in m0n0wall (even though at this point he believes
that Dnsmasq isn't affected, as it doesn't do recursive name resolution).
This version now includes the recommended query source port randomization.
He'd be grateful if this Dnsmasq version got as much testing as possible, as
there's some time pressure to release a fixed final version. I have
therefore (and also because of the "Register DHCP leases in DNS forwarder"
mishap in 1.3b12) created a preliminary
1.3b13 version for the slightly more adventurous among you to test.
Any problems with the DNS forwarder in this release -> please post to the
mailing list. Thanks!
Changes since 1.3b12:
- updated Dnsmasq to 2.43rc3 (DNS query source port randomization)
- fixed "Register DHCP leases in DNS forwarder" feature
- fixed issue with PPTP VPN and traffic shaper (see
- support for IPv6 over PPPoE/PPPTP
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch