Created attachment 224690 [details] Patch to update This release contains two changes that avoid some problems with certain HSM configuration, one of them is SoftHSMv2 in database back-end mode. This can lead to temporarily not being able to sign zones, hence upgrading is really recommended. It does not occur on all systems and configurations though. Issues OPENDNSSEC-955: Prevent concurrency between certain valid PKCS#11 HSM operations to avoid some keys to be (transiently) unavailable. OPENDNSSEC-956: Harden signing procedure to still sign zones for which there are unused keys specified in the zone which are unavailable.
Added URL
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=44de6e8bcfd0005587b55c534a857d83c81f04cb commit 44de6e8bcfd0005587b55c534a857d83c81f04cb Author: Jaap Akkerhuis <jaap@NLnetLabs.nl> AuthorDate: 2021-05-05 16:34:33 +0000 Commit: Neel Chauhan <nc@FreeBSD.org> CommitDate: 2021-05-05 16:35:54 +0000 dns/opendnssec2: Update to 2.1.9 Changes: https://www.opendnssec.org/2021/05/opendnssec-2-1-9/ PR: 255615 dns/opendnssec2/Makefile | 4 ++-- dns/opendnssec2/distinfo | 6 +++--- dns/opendnssec2/files/patch-configure (gone) | 10 ---------- 3 files changed, 5 insertions(+), 15 deletions(-)
Committed!