Version 1.4.8.2 of OpenDNSSEC has now been released.

News

• Support for RFC5011 style KSK rollovers. KSK section in the KASP now accepts element.
• Enforcer: New repository option allows to generate keys with CKA_EXTRACTABLE attribute set to TRUE so keys can be wrapped and extracted from HSM.

Bugfixes

• SUPPORT-145: EOF handling an ARM architecture caused signer to hang.
• Fixed signer hitting assertion on short reply XFR handler.
• Include revoke bit in keytag calculation.
• Increased stacksize on some systems (thanks Patrik Lundin!).
• Stop ods-signerd on SIGINT.

Note:

• By error 1.4.8 did not include database migration scripts for upgrading existing installations. 1.4.8.2 resolves this issue.

Download:

• https://dist.opendnssec.org/source/opendnssec-1.4.8.2.tar.gz
• https://dist.opendnssec.org/source/opendnssec-1.4.8.2.tar.gz.sig
• Checksum SHA256: 7fd553ee39173e807477ed1daff6ee2f8b1c83875cd2e52a1df3315bf0015513

This entry was posted on Monday, October 5th, 2015 at 12:17 and is filed under Releases. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.