[Opendnssec-announce] OpenDNSSEC 1.4.9

Yuri Schaeffer yuri at nlnetlabs.nl
Thu Jan 21 15:27:16 UTC 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear Package Maintainers,

Version 1.4.9 of OpenDNSSEC has now been released. No changes have
been made w.r.t. the 1.4.9rc1.

The main motivations for this release are bug fixes related to use
cases with large number of zones (more than 50 zones) in combination
with an XFR based setup. Too much concurrent zone transfers causes new
transfers to be held back. These excess transfers however were not
properly scheduled for later.

No migration steps needed when upgrading from OpenDNSSEC 1.4.8.

Bugfixes:

 * Add TCP waiting queue. Fix signer getting 'stuck' when adding many
   zones at once. Thanks to Håvard Eidnes to bringing this to our
   attention.
 * OPENDNSSEC-723: received SOA serial reported as on disk.
 * Fix potential locking issue on SOA serial.
 * Crash on shutdown. At all times join xfr and dns handler threads.
 * Make handling of notifies more consistent. Previous implementation
   would bounce between code paths.

Known Issues:

 * When using SoftHSM2 compiled with OpenSSL, and libmysql with OpenSSL
   as database backend for OpenDNSSEC. "ods-ksmutil key list --verbose"
   crashes on exit. This is ultimately a bug in OpenSSL and not new for
   this particular release. Make sure you don't use this specific
   combination.

Download:

 * https://dist.opendnssec.org/source/opendnssec-1.4.9.tar.gz
 * https://dist.opendnssec.org/source/opendnssec-1.4.9.tar.gz.sig
 * Checksum SHA256:
50a157d26d8b9ae370cd7fa52c7c6f43f4c77aeeb5d0fccd6a2e92c7dfc1d88e
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iEYEARECAAYFAlag+NQACgkQI3PTR4mhavjqkwCghDmsUo1NHq/+0YJ1QZF7IUX6
ixIAoM2xBmKfJshJhRxMuPXU86V17OiV
=H3Q6
-----END PGP SIGNATURE-----



More information about the Opendnssec-announce mailing list