OpenDNSSEC 1.2.0rc3
Version 1.2.0rc3 of OpenDNSSEC has now been released.
- Moved migration instructions to the file MIGRATION
Bugfixes:
- Bugreport #199: The previous DB schema change made the zone removal broken.
- Enforcer: When retiring old KSK, use TTL(ds) and not TTL(ksk).
- Enforcer: Minimize the set of DS RRs sent to DelegationSignerSubmitCommand.
- Enforcer: Replace tab with a space character in the DNSKEY printed to syslog.
- Enforcer: Fixed pontential format string bug.
- ods-ksmutil: Log to syslog when ds-seen changes a key to active/standby.
- Signer Engine: Don’t be smart with RRSIG TTLs, the hsm will set them for you.
- Signer Engine: Set notify command for zone when receiving ods-signer update.
- Signer Engine: Update TTL of NSEC(3) records if SOA Minimum has changed in KASP.
- Signer Engine: Now logs to the correct facility.
- Signer Engine: Also remove NSEC records when detecting changes in signconf <Denial>
- Signer Engine: Dropped privileges before starting Zonefetcher.
Known bug:
- This release does not build on Solaris, but will be fixed.
Download the tarball from: opendnssec-1.2.0rc3.tar.gz
This entry was posted on Tuesday, December 28th, 2010 at 12:39 and is filed under Releases. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.
Comments are closed.