[Opendnssec-maintainers] OpenDNSSEC 1.3.16

Sara Dickinson sara at sinodun.com
Wed Dec 4 14:47:16 UTC 2013


All, 

Version 1.3.16 of OpenDNSSEC has now been released:


Updates:

* SUPPORT-72: Improve logging when failed to increment serial in case of key rollover and serial value "keep" [OPENDNSSEC-441].
* OPENDNSSEC-436: NSEC3PARAM TTL can now be optionally configured in kasp.xml. Default value remains PT0S.
* OPENDNSSEC-458: Add 'ods-enforcerd -p <policy>' option. This prompts the enforcer to run once and only process the specified policy and associated zones. 
* OPENDNSSEC-460: ods-ksmutil: Add an option to the 'ods-ksmutil key ds-seen' command so the user can choose not to notify the enforcer.
* OPENDNSSEC-472: ods-ksmutil: Add option for 'ods-ksmutil key import' to check if there is a matching key in the repository before import.
* OPENDNSSEC-473: ods-ksmutil: Improve 'zone add' - Support default <input> and <output> values for DNS adapters.

Bugfixes:

* OPENDNSSEC-451: Signer Engine: Prevent CKA_ID and DNSKEY mixup by using a separate HSM context when loading signer configuration.
* OPENDNSSEC-462: Signer Engine: Duration PT0S is not printed correctly.
* ods-ksmutil: Fix typo in policy export with NSEC3 <Iterations>.

Documentation:

* http://wiki.opendnssec.org/display/DOCS13

Download:

* http://dist.opendnssec.org/source/opendnssec-1.3.16.tar.gz
* http://dist.opendnssec.org/source/opendnssec-1.3.16.tar.gz.sig
* Checksum sha1: 4d81517cc99f8120f773c2af772b17eb5714f793
* Checksum sha256: fa0fe18757a19d6b03e27c2c76f291d61a735f14c2661725df4e569e0be1d04c


//OpenDNSSEC team





More information about the Opendnssec-maintainers mailing list