Archive for the ‘Uncategorized’ Category
OpenDNSSEC 2.1.6
Version 2.1.6 of OpenDNSSEC has been released on 2020-02-10.
News
This release of 2.1.6 fixes some issues regarding the key list wrongfully displayed (a regression bug in 2.1.5) as well as a small leak in the enforcer (which can add up when you bang the enforcer with a lot of commands). And as well as a serious signing error when using Combined Signing Keys (CSKs), this is only relevant if you combine KSK and ZSK in one. Especially users of CSKs need this fix now. Another nice fix is a reconnect to a MySQL/MariaDB database you you don’t have to tweak database parameters
The 2.1.6 release is available immediately from the download site.
Fixes
- OPENDNSSEC-913: verify database connection upon every use.
- OPENDNSSEC-944: bad display of date of next transition (regression)
- SUPPORT-250: missing signatures on using combined keys (CSK)
- OPENDNSSEC-945: memory leak per command to enforcer.
- OPENDNSSEC-946: unclean enforcer exit in case of certain config problems.
- OPENDNSSEC-411: set-policy command to change policy of zone (experimental). Requires explicit enforce command to take effect.
Download
- https://dist.opendnssec.org/source/opendnssec-2.1.6.tar.gz
- https://dist.opendnssec.org/source/opendnssec-2.1.6.tar.gz.sig
- Checksum SHA256: b2c0caa673b8cfef73585dedf276997f5ca69bb3d523ce4e080f70dfcb23c56c
OpenDNSSEC 2.1.5
Version 2.1.5 of OpenDNSSEC has been released on 2019-11-05.
News
The previous release fixed an important issue, but unfortunately left in a memory leak, which this release fixes. This release of 2.1.5 fixes the memory issue, along with some additional issues primarily relating to minor migration reporting and configuration.
The 2.1.5 release is available immediately from the download site. Installations still on the 1.4 release should really upgrade to this version as it has been tested enough by major players.
Fixes
- SUPPORT-245: Resolve memory leak in signer introduced in 2.1.4.
- SUPPORT-244: Don’t require Host and Port to be specified in conf.xml
when migrating with a MySQL-based enforcer database backend. - Allow for MySQL database to pre-exist when performing a migration,
and be a bit more verbose during migration. - Fix AllowExtraction tag in configuration file definition.
- SUPPORT-242: Skip over EDNS cookie option.
- SUPPORT-240: Prevent exit of enforcer daemon upon interrupted interaction with CLI commands (when having > 1000 zones and aborting a pipe).
- Correct some error messages.
Download
- https://dist.opendnssec.org/source/opendnssec-2.1.5.tar.gz
- https://dist.opendnssec.org/source/opendnssec-2.1.5.tar.gz.sig
- Checksum SHA256: 2bc3e63e566156c06dd592fca053c581c79d40e3357669b32503d5617136bd41
OpenDNSSEC 1.4.14
Version 1.4.14 of OpenDNSSEC has been released on 2017-04-28.
News
Hereby we announce the OpenDNSSEC 1.4.14 release.
Bugs Fixed
- OPENDNSSEC-888: Fix up MySQL<->SQLite3 database conversion script.
- OPENDNSSEC-752: Incorrect calculated number of KSKs needed when KSK and ZSK have exactly the same parameters. This would prevent KSK rollovers.
- OPENDNSSEC-890: Bogus signatures on mismatching TTLs within the same RRset.
Download
- https://dist.opendnssec.org/source/opendnssec-1.4.14.tar.gz
- https://dist.opendnssec.org/source/opendnssec-1.4.14.tar.gz.sig
- Checksum SHA256: e1c41ec5bc6176233b2d94f4f4f703e7587bae6760764ab1bef03cf10bd1dcdf
OpenDNSSEC 2.1.1
Version 2.1.1 of OpenDNSSEC has been released on 2017-04-28.
News
OpenDNSSEC 2.1.1 addresses a number of bug fixes. No migration steps are required when upgrading from an earlier 2.X release. In case you are still on the 1.4.X branch and like to upgrade to 2.1.1 you are advised to do so directly rather than installing earlier 2.X versions first.
Bugs Fixed
- OPENDNSSEC-889: MySQL migration script didn’t work for all database and MySQL versions.
- OPENDNSSEC-887: Segfault on extraneous
tag. - OPENDNSSEC-880: Command line parsing for import key command failed.
- OPENDNSSEC-890: Bogus signatures upon wrong zone input when TTLs for same rrset are mismatching.
Download
- https://dist.opendnssec.org/source/opendnssec-2.1.1.tar.gz
- https://dist.opendnssec.org/source/opendnssec-2.1.1.tar.gz.sig
- Checksum SHA256: 82d865fc6f89df6d2eedcfead2aaf489d389e0861d2244f2393e8e65858a4b5b
OpenDNSSEC 1.4.13
Version 1.4.13 of OpenDNSSEC has been released on 2017-01-20.
News
Hereby we announce the OpenDNSSEC 1.4.13 release. It includes a small number of bug fixes and no migration steps are needed. Some minor code adjustments where made to make linking to OpenSSL 1.1.0 possible.
This release is signed by our new (Jan 11th) PGP key.
Fixes
- OPENDNSSEC-778: Double NSEC3PARAM record after resalt.
- OPENDNSSEC-853: Fixed serial_xfr_acquired not updated in state file.
- Wrong error was sometimes being print on failing TCP connect.
- Add support for OpenSSL 1.1.0.
- OPENDNSSEC-866: Script for migration between MySQL and SQLite was outdated.
Download
- https://dist.opendnssec.org/source/opendnssec-1.4.13.tar.gz
- https://dist.opendnssec.org/source/opendnssec-1.4.13.tar.gz.sig
- Checksum SHA256: ce146ff5eeaefdc81db10e8678825b30ecc0410003bda7068821bf8e8d8f4d1f
OpenDNSSEC 2.0.4
Version 2.0.4 of OpenDNSSEC has been released on 2017-01-13.
News
As of now OpenDNSSEC 2.0.4 is released. This version is a minimal change over 2.0.3, fixing a reported crash of the Enforcer daemon. No additional migration steps are required. In the near future, we aim at the end of January, we are planning to release the next feature version which will be 2.1.
This release is signed by our new (Jan 11th) PGP key.
Fixes
- Fix Enforcer crash that could occur in some cases while evaluating relationships between keys.
- Support compiling with OpenSSL 1.1.
Download
- https://dist.opendnssec.org/source/opendnssec-2.0.4.tar.gz
- https://dist.opendnssec.org/source/opendnssec-2.0.4.tar.gz.sig
- Checksum SHA256: 0eb1a74b9196c0b6d91a7c75a393da80d47dbcb603817d079a9f24c3fae9d8b9
You are currently browsing the archives for the Uncategorized category.