Summary: | [MAINTAINER] dns/opendnssec2: update to version 2.1.6 | ||||||
---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | Jaap Akkerhuis <jaap> | ||||
Component: | Individual Port(s) | Assignee: | Kurt Jaeger <pi> | ||||
Status: | Closed FIXED | ||||||
Severity: | Affects Only Me | CC: | pi | ||||
Priority: | --- | ||||||
Version: | Latest | ||||||
Hardware: | Any | ||||||
OS: | Any | ||||||
Attachments: |
|
Committed, thanks! A commit references this bug: Author: pi Date: Tue Feb 11 20:11:58 UTC 2020 New revision: 525890 URL: https://svnweb.freebsd.org/changeset/ports/525890 Log: dns/opendnssec2: upgrade 2.1.4 -> 2.1.6 This release of 2.1.6 fixes some issues regarding the key list wrongfully displayed (a regression bug in 2.1.5) as well as a small leak in the enforcer (which can add up when you bang the enforcer with a lot of commands. And as well as a serious signing error when using Combined Signing Keys (CSKs), this is only relevant if you combine KSK and ZSK in one. Especially users of CSKs need this fix now. Another nice fix is a reconnect to a MySQL/MariaDB database you you don't have to tweak database parameters. PR: 244047 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) Relnotes: https://www.opendnssec.org/2019/11/opendnssec-2-1-5/ https://www.opendnssec.org/2020/02/opendnssec-2-1-6/ Changes: head/dns/opendnssec2/Makefile head/dns/opendnssec2/distinfo head/dns/opendnssec2/files/opendnssec.in |
Created attachment 211563 [details] patch to update This update also includes the update to version 2.1.5. Find below the notes for release 2.1.6 and 2.1.5 This release of 2.1.6 fixes some issues regarding the key list wrongfully displayed (a regression bug in 2.1.5) as well as a small leak in the enforcer (which can add up when you bang the enforcer with a lot of commands. And as well as a serious signing error when using Combined Signing Keys (CSKs), this is only relevant if you combine KSK and ZSK in one. Especially users of CSKs need this fix now. Another nice fix is a reconnect to a MySQL/MariaDB database you you don't have to tweak database parameters. Fixes - OPENDNSSEC-913: verify database connection upon every use. - OPENDNSSEC-944: bad display of date of next transition (regression) - SUPPORT-250: missing signatures on using combined keys (CSK) - OPENDNSSEC-945: memory leak per command to enforcer. - OPENDNSSEC-946: unclean enforcer exit in case of certain config problems. - OPENDNSSEC-411: set-policy command to change policy of zone (experimental). Requestes explicit enforce command to take effect. The 2.1.5 release is available immediately from the download site. Installations still on the 1.4 release should really upgrade to this version as it has been tested enough by major players. Fixes - SUPPORT-245: Resolve memory leak in signer introduced in 2.1.4. - SUPPORT-244: Don’t require Host and Port to be specified in conf.xml when migrating with a MySQL-based enforcer database backend. - Allow for MySQL database to pre-exist when performing a migration, and be a bit more verbose during migration. - Fix AllowExtraction tag in configuration file definition. - SUPPORT-242: Skip over EDNS cookie option. - SUPPORT-240: Prevent exit of enforcer daemon upon interrupted interaction with CLI commands (when having > 1000 zones. - Corrected some error messages.