---
- branch: MAIN
  date: Sat Jun 15 16:42:48 UTC 2013
  files:
  - new: '1.33'
    old: '1.32'
    path: pkgsrc/security/opendnssec/Makefile
    pathrev: pkgsrc/security/opendnssec/Makefile@1.33
    type: modified
  - new: '1.20'
    old: '1.19'
    path: pkgsrc/security/opendnssec/distinfo
    pathrev: pkgsrc/security/opendnssec/distinfo@1.20
    type: modified
  - new: '1.6'
    old: '1.5'
    path: pkgsrc/security/opendnssec/patches/patch-aa
    pathrev: pkgsrc/security/opendnssec/patches/patch-aa@1.6
    type: modified
  id: 20130615T164248Z.227542f68675aa29793792f6e7103a0f185ac3cf
  log: |
    OpenDNSSEC 1.3.14 - 2013-05-16

    * OPENDNSSEC-367: ods-ksmutil: Require user confirmation if the algorithm for
      a key is changed in a policy (as this rollover is not handled cleanly)
    * OPENDNSSEC-91: Make the keytype flag required when rolling keys
    * OPENDNSSEC-403: Signer Engine: new command 'ods-signer locks' that shows
      locking information (for debugging purposes).

    Bugfixes:
    * OPENDNSSEC-247: Signer Engine: TTL on NSEC3 was not updated on SOA
      Minimum change.
    * OPENDNSSEC-396: Use TTLs from kasp when generating DNSKEY and DS records for
      output.
    * OPENDNSSEC-398: The ods-ksmutil key rollover command does not work correctly
      when rolling all keys using the --policy option
    * SUPPORT-40: Signer Engine: Keep occluded data in signed zone files/transfers.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/security/opendnssec'
  unixtime: '1371314568'
  user: pettai