[Opendnssec-user] Release of OpenDNSSEC 2.1.10

Berry van Halderen berry at nlnetlabs.nl
Sat Sep 11 11:04:46 UTC 2021


Dear all,

Just released, OpenDNSSEC 2.1.10, available immediately from our regular
download site:

https://dist.opendnssec.org/source/opendnssec-2.1.10.tar.gz

SHA256: c0a8427de241118dccbf7abc508e4dd53fb75b45e9f386addbadae7ecc092756

This release addresses an automatic resalting after a migration from 1.4
and an error manifesting as a key_data_update failure in the logs where
a retired key wasn't removed from the signer configuration in time in
certain circumstances.
Also an RPM is now provided for RHEL/CentOS distros at the same download
location:  https://dist.opendnssec.org/source/

\Berry

* OPENDNSSEC-957: Fix exit code signer daemon to not always report 
failure.
* OPENDNSSEC-958: Fix immediate resalting after migration from 1.4.
* OPENDNSSEC-959: Emit warning on ods-kaspcheck for NSEC iteration count
   that is deemed too high.
* SUPPORT-265: Resolve conflict when deleting keys from HSM whilst
   also performing step in key roll process.  Typically a message
   "key_data_update failed" is present in logs.
* Provided RedHat/CentOS spec file in contrib directory.


More information about the Opendnssec-user mailing list