OpenDNSSEC 1.3.17
Version 1.3.17 of OpenDNSSEC has now been released:
Updates:
- SUPPORT-114: libhsm: Optimize storage in HSM by deleting the public key directly if SkipPublicKey is used [OPENDNSSEC-575].
- Signer Engine: log serial of signed zone in STATS line.
- OPENDNSSEC-550: Signer Engine: Put NSEC3 records on empty non-terminals derived from unsigned delegations (be compatible with servers that are incompatible with RFC 5155 errata 3441).
- OPENDNSSEC-569: Build compatibility with SoftHSMv2.
- Signer Engine: Examine unsigned zone checks for SOA RRset existence.
- OPENDNSSEC-591: ods-ksmutil: Extend ‘key list’ command with options to filter on key type and state. This allows keys in the GENERATE and DEAD state to be output.
Bugfixes:
- SUPPORT-116: ods-ksmutil key import. Date validation fails on certain dates [OPENDNSSEC-589].
- OPENDNSSEC-481: libhsm: Fix an off-by-one length check error.
- OPENDNSSEC-482: libhsm: Improved cleanup for C_FindObjects.
- OPENDNSSEC-515: Signer Engine: Don’t replace tabs in RRs with whitespace.
- OPENDNSSEC-538: libhsm: Possible memory corruption in hsm_get_slot_id.
- Signer Engine: Fix a race condition when stopping daemon.
- OPENDNSSEC-586: enforcer & ods-ksmutil: Improve logging on key creation and alloctaion.
- OPENDNSSEC-588: ods-ksmutil: Exported value of <Parent><SOA><TTL> in ‘policy export’ output could be wrong on MySQL.
Documentation:
Download:
- opendnssec-1.3.17.tar.gz
- opendnssec-1.3.17.tar.gz.sig
- Checksum SHA1: 732ffcbb3b7ca39e35b053dc1d4e516a9b9bbaa2
- Checksum SHA256: 9f0dcfb53a3e10255b2d85e6a30663548eca1ec2e900b7cd5db9329f1710e323
This entry was posted on Tuesday, May 6th, 2014 at 14:38 and is filed under Releases. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.
Comments are closed.