[Opendnssec-develop] OpenDNSSEC 1.3.17rc1 release candidate

Sara Dickinson sara at sinodun.com
Mon Apr 28 14:28:38 UTC 2014


Version 1.3.17rc1 of OpenDNSSEC is now available. This is a release candidate for testing purposes:

OpenDNSSEC 1.3.17rc1 

* SUPPORT-114: libhsm: Optimize storage in HSM by deleting the public key directly if SkipPublicKey is used [OPENDNSSEC-575].
* Signer Engine: log serial of signed zone in STATS line.
* OPENDNSSEC-550: Signer Engine: Put NSEC3 records on empty non-terminals derived from unsigned delegations (be compatible with servers that are incompatible with RFC 5155 errata 3441).
* OPENDNSSEC-569: Build compatibility with SoftHSMv2.
* Signer Engine: Examine unsigned zone checks for SOA RRset existence.
* OPENDNSSEC-591: ods-ksmutil: Extend 'key list' command with options to filter on key type and state. This allows keys in the GENERATE and DEAD state to be output.

* SUPPORT-116: ods-ksmutil key import. Date validation fails on certain dates [OPENDNSSEC-589].
* OPENDNSSEC-481: libhsm: Fix an off-by-one length check error.
* OPENDNSSEC-482: libhsm: Improved cleanup for C_FindObjects.
* OPENDNSSEC-515: Signer Engine: Don't replace tabs in RRs with whitespace.
* OPENDNSSEC-538: libhsm: Possible memory corruption in hsm_get_slot_id.
* Signer Engine: Fix a race condition when stopping daemon.
* OPENDNSSEC-586: enforcer & ods-ksmutil: Improve logging on key creation and alloctaion.
* OPENDNSSEC-588: ods-ksmutil: Exported value of <Parent><SOA><TTL> in 'policy export' output could be wrong on MySQL.

* https://dist.opendnssec.org/source/testing/opendnssec-1.3.17rc1.tar.gz
* https://dist.opendnssec.org/source/testing/opendnssec-1.3.17rc1.tar.gz.sig
* Checksum SHA1: 89f7c3b734080ef0472bcf39e11801b20d305e8d
* Checksum SHA256: 0a38bd01a4aee2328b1129621c979eef72e6ed8fce6f39da6f53b8485eb658cd

A full OpenDNSSEC 1.3.17 release is planned for Tuesday 6th May

//OpenDNSSEC team

More information about the Opendnssec-develop mailing list