[Opendnssec-maintainers] OpenDNSSEC 1.4.1

Sara Dickinson sara at sinodun.com
Thu Jun 27 11:06:52 UTC 2013


Version 1.4.1 of OpenDNSSEC has now been released. This is the latest stable release.


* SUPPORT-58: Extend ods-signer sign <zone> with --serial <nr> so that the user can specify the SOA serial to use in the signed zone [OPENDNSSEC-401].
* OPENDNSSEC-91: Make the keytype flag required when rolling keys

* SUPPORT-60: Fix datecounter in case inbound serial is higher than outbound serial [OPENDNSSEC-420].
* OPENDNSSEC-247: Signer Engine: TTL on NSEC3 was not updated on SOA Minimum change.
* OPENDNSSEC-421: Signer Engine: Fix assertion error in case NSEC3 hash algorithm in signconf is not SHA1.
* OPENDNSSEC-421: ods-kaspcheck: Check whether NSEC3 hash algorithm in kasp is valid.
* Bugfix: The time when inbound serial is acquired was reset invalidly, could cause OpenDNSSEC wanting AXFR responses while requesting IXFR (thanks Stuart Lau).
* Bugfix: Fix malform in Outbound IXFR/TCP subsequent packet (thanks Stuart Lau).
* OPENDNSSEC-398: The ods-ksmutil key rollover command does not work correctly when rolling all keys using the --policy option


* http://wiki.opendnssec.org/display/DOCS


* http://dist.opendnssec.org/source/opendnssec-1.4.1.tar.gz
* http://dist.opendnssec.org/source/opendnssec-1.4.1.tar.gz.sig
* Checksum sha1: 90020d343456af0846b13c951a6a914109cb5d22
* Checksum sha256: 7795ba9f98f9c8292d5f9f9d6ffbf88352a6f77986f43acc1a30141f6027cc82

//OpenDNSSEC team

More information about the Opendnssec-maintainers mailing list