[Opendnssec-announce] OpenDNSSEC 1.4.8rc1

Yuri Schaeffer yuri at nlnetlabs.nl
Fri Sep 25 12:39:54 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Version 1.4.8rc1 of OpenDNSSEC has now been released. This version is
recommended for testing only, not for use in production environments.

NEWS:

* Support for RFC5011 style KSK rollovers. KSK section in the KASP now
  accepts <RFC5011/> element.
* Enforcer: New repository option <AllowExtraction/> allows to generate
  keys with CKA_EXTRACTABLE attribute set to TRUE so keys can be wrapped
  and extracted from HSM.

Bugfixes:
* SUPPORT-145: EOF handling an ARM architecture caused signer to hang.
* Fixed signer hitting assertion on short reply XFR handler.
* Include revoke bit in keytag calculation.
* Increased stacksize on some systems (thanks Patrik Lundin!).
* Stop ods-signerd on SIGINT.


Download:

* https://dist.opendnssec.org/source/testing/opendnssec-1.4.8rc1.tar.gz
*
https://dist.opendnssec.org/source/testing/opendnssec-1.4.8rc1.tar.gz.si
g
* Checksum SHA256:
faf53972986caee6c5f5e71db52ec85426f2d9cbc97db1e3e5cdaacbab6f86c5


// OpenDNSSEC team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iEYEARECAAYFAlYFQJoACgkQI3PTR4mhavgmdQCfQQ4nVZvoT76mv4ZrCJAK6jcb
E/gAn0XKrsNB0WOOoVb8yXLs4uRjVU9w
=u/GU
-----END PGP SIGNATURE-----



More information about the Opendnssec-announce mailing list