Since --gc-sections is broken on powerpc, but noone cared to okay jca@'s
binutils fix to disable it completely, continue fixing ports one by
one...
Btw, realized dnscrypt-proxy uses its own modified copy of libevent.. yay.
package's old default but this has been replaced in the csv file since
the OpenDNS acquisition.
There is now no default; select a server yourself and configure it as shown
in the readme.
- Security: malformed packets could cause the OpenDNS deviceid,
OpenDNS set-client-ip, blocking and AAAA blocking plugins to use
uninitialized pointers, leading to a denial of service or possibly
code execution. The vulnerable code is present since dnscrypt-proxy
1.1.0. OpenDNS users and people using dnscrypt-proxy in order to block
domain names and IP addresses should upgrade as soon as possible.
by me, ok jasper@
DNSCrypt-proxy provides local service which can be used directly
as your local resolver or as a DNS forwarder, encrypting requests
using the DNSCrypt protocol and passing them to an upstream server,
by default OpenDNS who run this on their resolvers.
The DNSCrypt protocol is very similar to DNSCurve, but focuses on
securing communications between a client and its first-level resolver.
While not providing end-to-end security, it protects the local
network, which is often the weakest point of the chain, against
man-in-the-middle attacks. It also provides some confidentiality to
DNS queries.
