SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for dsc-2.15.2.1728392268-1.2.x86_64.rpm :

* Tue Oct 08 2024 Jerry Lundström 2.15.2.1728392268-1- Auto build 2024-10-08T12:57:48+00:00
* Fri Aug 30 2024 Jerry Lundström 2.15.2-1- Release 2.15.2
* This releases fixes 3 issues detected by code analysis tools: - File not closed and memory not freed during error while loading known TLD file - https://github.com/DNS-OARC/dsc/security/code-scanning/22 label buffer should be static - https://github.com/DNS-OARC/dsc/security/code-scanning/20 unsigned difference expression
* Commits: 855f037 CodeQL b00cb11 Stack c4d3634 Sonar 26c3b9e Badges, fixes b4a9171 Workflow
* Tue Apr 23 2024 Jerry Lundström 2.15.1-1- Release 2.15.1
* This release fixes client subnet indexer which overwrote the mask options during initialization so the conf option `client_v4_mask` and `client_v6_mask` was never used.
* Other changes: - Update documentation - Update builtin known TLDs based on PSL - Update copyright year
* Commits: d577a97 Copyright f71edff Known TLDs dedafdd Client mask 8ef947c Doc
* Wed Aug 09 2023 Jerry Lundström 2.15.0-1- Release 2.15.0
* This release fixes DNS parsing w.r.t. EDNS, implements better loop detection during name decompression and adds a lot of EDNS indexers and filters.
* Previously the DNS parser expected the additional records to come straight after the question section. Meaning that if the DNS packet had any answer or authority records, they would be parsed as additional records for the OPT record and EDNS information.
* Following new indexers has been added: - edns_cookie - edns_cookie_len - edns_cookie_client - edns_cookie_server - edns_ecs - edns_ecs_family - edns_ecs_source_prefix - edns_ecs_scope_prefix - edns_ecs_address - edns_ecs_subnet - edns_ede - edns_ede_code - edns_ede_textlen - edns_ede_text - edns_nsid - edns_nsid_len - edns_nsid_data - edns_nsid_text Following new filters has been added: - edns0-only - edns0-cookie-only - edns0-nsid-only - edns0-ede-only - edns0-ecs-only See man-page dsc.conf(5) for more information.
* Other fixes/additions: - Only parse entire DNS message if EDNS indexers are used - `dns_protocol`: Implement proper loop detection during decompression - `xmalloc`: Check return of `amalloc()` before using `memset()`/`memcpy()` because it\'s undefined behavior on null pointers
* Commits: 8259f30 EDNS filters 41f3b9a strtohex, nsid text a666c04 EDNS(0) Client Subnet b5164fe EDNS 7cabfd9 EDNS0 parsing fixes and additional EDNS0 indexers. 46b1797 memcpy/memset fixes 8fd7b7a EDNS parsing cee2bf7 EDNS0 parsing, multi RR test a2c00c9 DNS compression loop detection 9875a3e RR parsing
* Thu Jun 15 2023 Jerry Lundström 2.14.1-1- Release 2.14.1
* Fixed a bug in TLD handling when using `tld_list`, it did not reset where it was in the QNAME when nothing was found and could therefor wrongly indicate something as a TLD. Also fixed a typo in the `dsc.conf` man-page.
* Commits: 976589d GCOV c3afee4 TLD list, doc typo
* Mon Apr 03 2023 Jerry Lundström 2.14.0-1- Release 2.14.0
* This release adds new configure option to control the file access to the output files, support for newer DNSTAP, improved DNSTAP message handling and updated Public Suffix List. - Fix #279: Add new conf options to control output file access: - `output_user`: set output file user ownership - `output_group`: set output file group ownership - `output_mod`: set output file mode bits - `dnstap`: Move DNSTAP essential attributes checks inside each type and customize them for that specific type - Update dnswire dependencies to v0.4.0 - `encryption_index`: Add support for new DNSTAP DNS-over-QUIC socket protocol - Update builtin Public Suffix List (PSL)
* Commits: abfe245 DNSTAP da06317 Output file access af01a48 DOQ transport, PSL update
* Fri Feb 10 2023 Jerry Lundström 2.13.2-1- Release 2.13.2
* Updated pcap-thread to v4.0.1: Fixed issue with `pcap_dispatch()` during non-threaded timed runs by checking packet timestamp and use `pcap_breakloop()` if the run should end. Based on reports, it looks like `pcap_dispatch()` won\'t stop processing if load is high enough even if documentation says \"only one bufferful of packets is read at a time\".
* Many thanks to Klaus Darilion AATTklaus3000 (NIC.AT) for the report and helping to track down the issue and test fixes!
* Commits: e7d92fe Fix COPR 7ecf217 pcap-thread
* Thu Apr 21 2022 Jerry Lundström 2.13.1-1- Release 2.13.1
* This patch release is mainly for build and packages where MaxMind DB library is preferred over the legacy GeoIP library. MaxMind has announced that the databases for GeoIP will be EOL May 2022 and recommends switching to GeoIP2 databases.
* Also updated DSC\'s description, removing references to the now discontinued Presenter and pointing to dsc-datatool instead.
* Commits: d891e2c Package, description c23406c Optional GeoIP 26dd506 GeoIP
* Fri Jan 28 2022 Jerry Lundström 2.13.0-1- Release 2.13.0
* This release fixes a huge performance issue with hashing IPv6 addresses, adds support for new DNSTAP messages types and protocols, and adds two new indexers.
* Thanks to a patch sent in by Ken Renard (AATTkdrenard) a rather huge performance issue related to hashing IPv6 addresses has been solved. Old code used a very incorrect assumption about addresses in general and while same way was used for IPv4, it didn\'t hit as hard as it did for IPv6. New code uses hashing functions on both address types and to quote the GitHub issue (by Ken): -\"This performs about 5% better than what I did (51 sec versus 54 sec) for 5GB pcap file with nearly 50/50 split of IPv4 and IPv6 (3.7M/3.5M v4/v6 queries). Old inXaddr_hash() has been running for 75 minutes and is about 20% done. I say this is a winner!\" Many thanks to Ken for pointing this out and supplying a patch!
* DSC now depends on dnswire v0.3.0 which includes new DNSTAP messages types and protocols that was recently added to DNSTAP\'s Protobuf definition. The new `UPDATE_QUERY` and `UPDATE_RESPONSE` messages types are now supported and are interpret as `AUTH_QUERY` and `AUTH_RESPONSE`. The new socket protocols for DOT, DOH and DNSCrypt are also supported and are interpret as TCP for indexers such as `ip_proto` and `transport`. To get stats on the encryption itself you can use the new indexer `encryption`.
* Two new indexers have been added: - `label_count`: Number of labels in the QNAME - `encryption`: Indicates whether the DNS message was carried over an encrypted connection or not, and if so over which. For example \"unencrypted\", \"dot\" (DNS-over-TLS), \"doh\" (DNS-over-HTTPS).
* Other changes: - `inX_addr`: Rework structure, separate IPv4 and IPv6 addresses - Fix some DNSTAP tests - `transport_index`: Fix typo in code documentation
* Commits: 37df703 DNSTAP update, encryption indexer d27171f Label count indexer 6932247 Adding labellen indexer which counts the number of labels in a DNS message 68cc9c7 New IP hashing
* Thu Jan 13 2022 Jerry Lundström 2.12.0-1- Release 2.12.0
* This release adds a new conf option `tld_list` to control what DSC considers are TLDs, and a script to convert the Public Suffix List to this format (see `man dsc-psl-convert` for more information).
* For example, using this option will allow DSC to gather statistics on domains like `co.uk` and `net.au` that would otherwise be counted as `uk` and `au`.
* The release also updates the man-pages, clarifying how to use multiple `interface` and other similar options. And removes the deprecated cron upload scripts.
* Commits: e779a87 Remove upload scripts 2880f93 PSL TLD list ea04022 Update Copyright and known TLDs 5cbc7a4 Output format b7e6c35 Doc e66dae4 dh_auto_test 6a3e817 debhelper 89d033f Bye Travis fa1c179 Mattermost
  
ICM