Version 1.0.0rc3 of OpenDNSSEC has now been released. This should be the last release candidate before 1.0.0.

Bugfixes:

• ods-ksmutil: The ksk-roll command did not handle its options correctly
• Auditor: Configured zone SOA TTL now used to track pre-published keys, rather than the unsigned zone SOA TTL.
• Enforcer: There was a flaw in the implementation of the timing code (it  follows an earlier version of the draft and at one point does not add on the safety margin).
• Enforcer: MySQL memory leaks fixed.
• Signer Engine: When changing policy or rollover a key, the old signed zone was not found, so always resulting in a fresh resign.
• Signer Engine: RRsets with varying TTLs on the records where considered different RRsets, the signer engine now eqaulizes those TTLs.

Fixes:

• A code review was performed by members of the project group. No serious problem was found. The code review resulted in some polishing of the code.
• Dnsruby-1.42 is now required, it fixes issues with TXT and NAPTR record parsing.
• ldns 1.6.4 is now required.
• Known issues has been moved from NEWS to KNOWN_ISSUES.

Download the tarball from: opendnssec-1.0.0rc3.tar.gz

This entry was posted on Monday, January 25th, 2010 at 22:42 and is filed under Releases. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.