[Opendnssec-maintainers] RE: 1.4.1 release candidate

Sara Dickinson sara at sinodun.com
Wed Jun 19 10:58:50 UTC 2013


Version 1.4.1rc1 of OpenDNSSEC is now available. This is a release candidate for testing purposes:

OpenDNSSEC 1.4.1rc1 - 2013-06-19
* SUPPORT-58: Extend ods-signer sign <zone> with --serial <nr> so that the user can specify the SOA serial to use in the signed zone [OPENDNSSEC-401].
* OPENDNSSEC-91: Make the keytype flag required when rolling keys
* SUPPORT-60: Fix datecounter in case inbound serial is higher than outbound serial [OPENDNSSEC-420].
* OPENDNSSEC-247: Signer Engine: TTL on NSEC3 was not updated on SOA Minimum change.
* OPENDNSSEC-421: Signer Engine: Fix assertion error in case NSEC3 hash algorithm in signconf is not SHA1.
* OPENDNSSEC-421: ods-kaspcheck: Check whether NSEC3 hash algorithm in kasp is valid.
* Bugfix: The time when inbound serial is acquired was reset invalidly could cause OpenDNSSEC wanting AXFR responses while requesting IXFR (thanks Stuart Lau).
* Bugfix: Fix malform in Outbound IXFR/TCP subsequent packet (thanks Stuart Lau).
* OPENDNSSEC-398: The ods-ksmutil key rollover command does not work correctly when rolling all keys using the --policy option

* https://dist.opendnssec.org/source/testing/opendnssec-1.4.1rc1.tar.gz
* https://dist.opendnssec.org/source/testing/opendnssec-1.4.1rc1.tar.gz.sig
* Checksum sha1: b19e80d4ab9b93c3a34cb9858241716ee67ad85d
* Checksum sha256: b6728d2bafe3e5678e1f1676d165d78e0812e4f2896fac0fe3bbe8267e8e841a

A full 1.4.1 release is planned for Wednesday 26th June.

//OpenDNSSEC team

More information about the Opendnssec-maintainers mailing list