After several years of silence I'm about to release a new version of udns, with just one bugfix and a change from sequentional queue IDs for queries to random, using a simple pseudo-random number generator by Bob Jenkins.
This affects queueIDs _only_, not source port, because by design udns uses just one port for all queries. The whole thing is still inherently insecure, even for source port randomisation, as has been already said several times - _all_ "simple" DNS resolves today are vulnerable to attacks on high-bandwidth network such as a typical LAN. So this change is in fact not an improvement, even if it feels like that. I also plan to address a few defects and suggestions I received during all these years. Not that I'm saying udns should now enter Debian, just adding some information to the bug report. Thanks! /mjt -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
