[Opendnssec-develop] OpenDNSSEC 1.4.3

Sara Dickinson sara at sinodun.com
Wed Dec 4 14:47:23 UTC 2013


Version 1.4.3 of OpenDNSSEC has now been released. This is the latest stable release.


* SUPPORT-72: Improve logging when failed to increment serial in case of key rollover and serial value "keep" [OPENDNSSEC-461].
* OPENDNSSEC-106: Add 'ods-enforcerd -p <policy>' option. This prompts the enforcer to run once and only process the specified policy and associated zones.
* OPENDNSSEC-330: NSEC3PARAM TTL can now be optionally configured in kasp.xml. Default value remains PT0S.
* OPENDNSSEC-390: ods-ksmutil: Add an option to the 'ods-ksmutil key ds-seen' command so the user can choose not to notify the enforcer.
* OPENDNSSEC-430: ods-ksmutil: Improve 'zone add' - Zone add command could warn if a specified zone file or adapter file does not exits.
* OPENDNSSEC-431: ods-ksmutil: Improve 'zone add' - Support default <input> and <output> values for DNS adapters.
* OPENDNSSEC-454: ods-ksmutil: Add option for 'ods-ksmutil key import' to check if there is a matching key in the repository before import.


* OPENDNSSEC-435: Signer Engine: Fix a serious memory leak in signature cleanup.
* OPENDNSSEC-463: Signer Engine: Duration PT0S is now printed correctly.
* OPENDNSSEC-466: Signer Engine: Created bad TSIG signature when falling back to AXFR.
* OPENDNSSEC-467: Signer Engine: After ods-signer clear, signer should not use inbound serial.


* http://wiki.opendnssec.org/display/DOCS


* http://dist.opendnssec.org/source/opendnssec-1.4.3.tar.gz
* http://dist.opendnssec.org/source/opendnssec-1.4.3.tar.gz.sig
* Checksum sha1: 9e985fc42ce679c930bbdbc1a38ad5ff1ca4c61a
* Checksum sha256: 22979b53851a1ec74a242ca89bbd1fc58a170272f33c6a395f0ab14f6244e491

//OpenDNSSEC team

More information about the Opendnssec-develop mailing list