Bug 244047 - [MAINTAINER] dns/opendnssec2: update to version 2.1.6
Summary: [MAINTAINER] dns/opendnssec2: update to version 2.1.6
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Kurt Jaeger
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-02-11 13:16 UTC by Jaap Akkerhuis
Modified: 2020-02-11 20:12 UTC (History)
1 user (show)

See Also:


Attachments
patch to update (1.91 KB, patch)
2020-02-11 13:16 UTC, Jaap Akkerhuis
jaap: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Jaap Akkerhuis 2020-02-11 13:16:01 UTC
Created attachment 211563 [details]
patch to update

This update also includes the update to version 2.1.5. Find below
the notes for release 2.1.6 and 2.1.5


This release of 2.1.6 fixes some issues regarding the key list
wrongfully displayed (a regression bug in 2.1.5) as well as a small
leak in the enforcer (which can add up when you bang the enforcer
with a lot of commands. And as well as a serious signing error when
using Combined Signing Keys (CSKs), this is only relevant if you
combine KSK and ZSK in one. Especially users of CSKs need this fix
now. Another nice fix is a reconnect to a MySQL/MariaDB database
you you don't have to tweak database parameters.

Fixes
- OPENDNSSEC-913: verify database connection upon every use.
- OPENDNSSEC-944: bad display of date of next transition (regression)
- SUPPORT-250: missing signatures on using combined keys (CSK)
- OPENDNSSEC-945: memory leak per command to enforcer.
- OPENDNSSEC-946: unclean enforcer exit in case of certain config
  problems.
- OPENDNSSEC-411: set-policy command to change policy of zone
  (experimental). Requestes explicit enforce command to take effect.


The 2.1.5 release is available immediately from the download site.
Installations still on the 1.4 release should really upgrade to this
version as it has been tested enough by major players.

Fixes
- SUPPORT-245: Resolve memory leak in signer introduced in 2.1.4.
- SUPPORT-244: Don’t require Host and Port to be specified in conf.xml
  when migrating with a MySQL-based enforcer database backend.
- Allow for MySQL database to pre-exist when performing a migration,
  and be a bit more verbose during migration.
- Fix AllowExtraction tag in configuration file definition.
- SUPPORT-242: Skip over EDNS cookie option.
- SUPPORT-240: Prevent exit of enforcer daemon upon interrupted
  interaction with CLI commands (when having > 1000 zones.
- Corrected some error messages.
Comment 1 Kurt Jaeger freebsd_committer 2020-02-11 20:12:01 UTC
Committed, thanks!
Comment 2 commit-hook freebsd_committer 2020-02-11 20:12:39 UTC
A commit references this bug:

Author: pi
Date: Tue Feb 11 20:11:58 UTC 2020
New revision: 525890
URL: https://svnweb.freebsd.org/changeset/ports/525890

Log:
  dns/opendnssec2: upgrade 2.1.4 -> 2.1.6

  This release of 2.1.6 fixes some issues regarding the key list
  wrongfully displayed (a regression bug in 2.1.5) as well as a small
  leak in the enforcer (which can add up when you bang the enforcer
  with a lot of commands. And as well as a serious signing error when
  using Combined Signing Keys (CSKs), this is only relevant if you
  combine KSK and ZSK in one. Especially users of CSKs need this fix
  now. Another nice fix is a reconnect to a MySQL/MariaDB database
  you you don't have to tweak database parameters.

  PR:		244047
  Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
  Relnotes:	https://www.opendnssec.org/2019/11/opendnssec-2-1-5/
  		https://www.opendnssec.org/2020/02/opendnssec-2-1-6/

Changes:
  head/dns/opendnssec2/Makefile
  head/dns/opendnssec2/distinfo
  head/dns/opendnssec2/files/opendnssec.in