Now
MAIN commitmail json YAML
pkgsrc/security/opendnssec/Makefile@1.35
/
diff
pkgsrc/security/opendnssec/PLIST@1.5 / diff
pkgsrc/security/opendnssec/distinfo@1.21 / diff
pkgsrc/security/opendnssec/patches/patch-aa@1.7 / diff
pkgsrc/security/opendnssec/patches/patch-enforcer_utils_Makefile.am@1.1 / diff
pkgsrc/security/opendnssec/patches/patch-enforcer_utils_Makefile.in@1.1 / diff
pkgsrc/security/opendnssec/PLIST@1.5 / diff
pkgsrc/security/opendnssec/distinfo@1.21 / diff
pkgsrc/security/opendnssec/patches/patch-aa@1.7 / diff
pkgsrc/security/opendnssec/patches/patch-enforcer_utils_Makefile.am@1.1 / diff
pkgsrc/security/opendnssec/patches/patch-enforcer_utils_Makefile.in@1.1 / diff
Update OpenDNSSEC from version 1.3.14nb1 to 1.4.1.
Pkgsrc changes:
* Get rid of ruby dependencies, since the validator is no longer
included in OpenDNSSEC
* Adapt PLIST to changes in installed files
* Add a patch so that the database migration scripts are installed
as part of the package
Upstream notable changes:
* SUPPORT-58: Extend ods-signer sign <zone> with -serial <nr> so
that the user can specify the SOA serial to use in the signed
zone [OPENDNSSEC-401].
* OPENDNSSEC-91: Make the keytype flag required when rolling keys
Bugfixes:
* SUPPORT-60: Fix datecounter in case inbound serial is higher
than outbound serial [OPENDNSSEC-420].
* OPENDNSSEC-247: Signer Engine: TTL on NSEC3 was not updated on
SOA Minimum change.
* OPENDNSSEC-421: Signer Engine: Fix assertion error in case
NSEC3 hash algorithm in signconf is not SHA1.
* OPENDNSSEC-421: ods-kaspcheck: Check whether NSEC3 hash algorithm
in kasp is valid.
* Bugfix: The time when inbound serial is acquired was reset
invalidly, could cause OpenDNSSEC wanting AXFR responses while
requesting IXFR (thanks Stuart Lau).
* Bugfix: Fix malform in Outbound IXFR/TCP subsequent packet
(thanks Stuart Lau).
* OPENDNSSEC-398: The ods-ksmutil key rollover command does not
work correctly when rolling all keys using the -policy option
Pkgsrc changes:
* Get rid of ruby dependencies, since the validator is no longer
included in OpenDNSSEC
* Adapt PLIST to changes in installed files
* Add a patch so that the database migration scripts are installed
as part of the package
Upstream notable changes:
* SUPPORT-58: Extend ods-signer sign <zone> with -serial <nr> so
that the user can specify the SOA serial to use in the signed
zone [OPENDNSSEC-401].
* OPENDNSSEC-91: Make the keytype flag required when rolling keys
Bugfixes:
* SUPPORT-60: Fix datecounter in case inbound serial is higher
than outbound serial [OPENDNSSEC-420].
* OPENDNSSEC-247: Signer Engine: TTL on NSEC3 was not updated on
SOA Minimum change.
* OPENDNSSEC-421: Signer Engine: Fix assertion error in case
NSEC3 hash algorithm in signconf is not SHA1.
* OPENDNSSEC-421: ods-kaspcheck: Check whether NSEC3 hash algorithm
in kasp is valid.
* Bugfix: The time when inbound serial is acquired was reset
invalidly, could cause OpenDNSSEC wanting AXFR responses while
requesting IXFR (thanks Stuart Lau).
* Bugfix: Fix malform in Outbound IXFR/TCP subsequent packet
(thanks Stuart Lau).
* OPENDNSSEC-398: The ods-ksmutil key rollover command does not
work correctly when rolling all keys using the -policy option