[Opendnssec-maintainers] OpenDNSSEC 1.4.4rc1 release candidate

Sara Dickinson sara at sinodun.com
Mon Mar 17 10:10:59 UTC 2014


All, 

Version 1.4.4rc1 of OpenDNSSEC is now available. This is a release candidate for testing purposes:


OpenDNSSEC 1.4.4rc1 
--------------------------------

Updates:
* SUPPORT-114: libhsm: Optimize storage in HSM by deleting the public key directly if SkipPublicKey is used [OPENDNSSEC-574].
* OPENDNSSEC-358: ods-ksmutil: Extend 'key list' command with options to filter on key type and state. This allows keys in the GENERATE and DEAD state to be output.
* OPENDNSSEC-549: Signer Engine: Put NSEC3 records on empty non-terminals derived from unsigned delegations (be compatible with servers that are incompatible with RFC 5155 errata 3441).

Bugfixes:
* SUPPORT-86: Fixed build on OS X [OPENDNSSEC-512].
* SUPPORT-97: Signer Engine: Fix after restart signer thinks zone has expired [OPENDNSSEC-526].
* SUPPORT-101: Signer Engine: Fix multiple zone transfer to single file bug [OPENDNSSEC-529].
* SUPPORT-102: Signer Engine: Fix statistics (count can be negative)/
* SUPPORT-108: Signer Engine: Don't replace tabs in RRs with whitespace [OPENDNSSEC-520].
* SUPPORT-116: ods-ksmutil: 'key import' date validation fails on certain dates [OPENDNSSEC-553].
* SUPPORT-128: ods-ksmutil. Man page had incorrect formatting [OPENDNSSEC-576].
* SUPPORT-127: ods-signer: Fix manpage sections.
* OPENDNSSEC-457: ods-ksmutil: Add a check on the 'zone add' input/output type parameter to allow only File or DNS.  
* OPENDNSSEC-481: libhsm: Fix an off-by-one length check error.
* OPENDNSSEC-482: libhsm: Improved cleanup for C_FindObjects.
* OPENDNSSEC-531: ods-ksmutil: Exported value of <Parent><SOA><TTL> in 'policy export' output could be wrong on MySQL.
* OPENDNSSEC-537: libhsm: Possible memory corruption in hsm_get_slot_id.
* OPENDNSSEC-544: Signer Engine: Fix assertion error that happens on an IXFR request with EDNS.
* OPENDNSSEC-546: enforcer & ods-ksmutil: Improve logging on key creation and alloctaion.
* OPENDNSSEC-560: Signer Engine: Don't crash when unsigned zone has no SOA.
* Signer Engine: Fix a race condition when stopping daemon.

Download:
* https://dist.opendnssec.org/source/testing/opendnssec-1.4.4rc1.tar.gz
* https://dist.opendnssec.org/source/testing/opendnssec-1.4.4rc1.tar.gz.sig
* Checksum sha1: b0618c9101c05c910ec5fa51781d992e9810eab7
* Checksum sha256: 4dea873ae6523f7ee3ef834ffd1709a21304de0837dc74b9d93236eba0429dd8

A full OpenDNSSEC 1.4.4 release is planned for Monday 24th March.


//OpenDNSSEC team



More information about the Opendnssec-maintainers mailing list