[Opendnssec-maintainers] OpenDNSSEC 1.4.8

Yuri Schaeffer yuri at nlnetlabs.nl
Mon Oct 5 10:22:48 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Version 1.4.8 of OpenDNSSEC has now been released. There have been no
changes since rc1.

NEWS:

* Support for RFC5011 style KSK rollovers. KSK section in the KASP now
  accepts <RFC5011/> element.
* Enforcer: New repository option <AllowExtraction/> allows to generate
  keys with CKA_EXTRACTABLE attribute set to TRUE so keys can be wrapped
  and extracted from HSM.

Bugfixes:
* SUPPORT-145: EOF handling an ARM architecture caused signer to hang.
* Fixed signer hitting assertion on short reply XFR handler.
* Include revoke bit in keytag calculation.
* Increased stacksize on some systems (thanks Patrik Lundin!).
* Stop ods-signerd on SIGINT.


Download:

* https://dist.opendnssec.org/source/testing/opendnssec-1.4.8.tar.gz
* https://dist.opendnssec.org/source/testing/opendnssec-1.4.8.tar.gz.sig
* Checksum SHA256:
a9742839e8ea49cae4cf98081722f943170defc727450ebed7cdcffb2deb0fff


// OpenDNSSEC team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iEYEARECAAYFAlYST3cACgkQI3PTR4mhaviTgACeI28CnF20E1XPFigFDHwMWHNr
njUAnjF6KrJEzz6acz+QQ+uG919tIeLG
=Dz/q
-----END PGP SIGNATURE-----



More information about the Opendnssec-maintainers mailing list