OpenDNSSEC 1.4.3
Version 1.4.3 of OpenDNSSEC has now been released:
Updates:
- SUPPORT-72: Improve logging when failed to increment serial in case of key rollover and serial value “keep” [OPENDNSSEC-461].
- OPENDNSSEC-106: Add ‘ods-enforcerd -p <policy>’ option. This prompts the enforcer to run once and only process the specified policy and associated zones.
- OPENDNSSEC-330: NSEC3PARAM TTL can now be optionally configured in kasp.xml. Default value remains PT0S.
- OPENDNSSEC-390: ods-ksmutil: Add an option to the ‘ods-ksmutil key ds-seen’ command so the user can choose not to notify the enforcer.
- OPENDNSSEC-430: ods-ksmutil: Improve ‘zone add’ – Zone add command could warn if a specified zone file or adapter file does not exits.
- OPENDNSSEC-431: ods-ksmutil: Improve ‘zone add’ – Support default <input> and <output> values for DNS adapters.
- OPENDNSSEC-454: ods-ksmutil: Add option for ‘ods-ksmutil key import’ to check if there is a matching key in the repository before import.
Bugfixes:
- OPENDNSSEC-435: Signer Engine: Fix a serious memory leak in signature cleanup.
- OPENDNSSEC-463: Signer Engine: Duration PT0S is now printed correctly.
- OPENDNSSEC-466: Signer Engine: Created bad TSIG signature when falling back to AXFR.
- OPENDNSSEC-467: Signer Engine: After ods-signer clear, signer should not use inbound serial.
Documentation:
Download:
- opendnssec-1.4.3.tar.gz
- opendnssec-1.4.3.tar.gz.sig
- Checksum sha1: 9e985fc42ce679c930bbdbc1a38ad5ff1ca4c61a
- Checksum sha256: 22979b53851a1ec74a242ca89bbd1fc58a170272f33c6a395f0ab14f6244e491
This entry was posted on Wednesday, December 4th, 2013 at 16:36 and is filed under Releases. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.
Comments are closed.