[Bug 244047] [MAINTAINER] dns/opendnssec2: update to version 2.1.6

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Tue Feb 11 13:16:02 UTC 2020 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=244047

            Bug ID: 244047
           Summary: [MAINTAINER] dns/opendnssec2: update to version 2.1.6
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs at FreeBSD.org
          Reporter: jaap at NLnetLabs.nl
 Attachment #211563 maintainer-approval+
             Flags:

Created attachment 211563
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=211563&action=edit
patch to update

This update also includes the update to version 2.1.5. Find below
the notes for release 2.1.6 and 2.1.5


This release of 2.1.6 fixes some issues regarding the key list
wrongfully displayed (a regression bug in 2.1.5) as well as a small
leak in the enforcer (which can add up when you bang the enforcer
with a lot of commands. And as well as a serious signing error when
using Combined Signing Keys (CSKs), this is only relevant if you
combine KSK and ZSK in one. Especially users of CSKs need this fix
now. Another nice fix is a reconnect to a MySQL/MariaDB database
you you don't have to tweak database parameters.

Fixes
- OPENDNSSEC-913: verify database connection upon every use.
- OPENDNSSEC-944: bad display of date of next transition (regression)
- SUPPORT-250: missing signatures on using combined keys (CSK)
- OPENDNSSEC-945: memory leak per command to enforcer.
- OPENDNSSEC-946: unclean enforcer exit in case of certain config
  problems.
- OPENDNSSEC-411: set-policy command to change policy of zone
  (experimental). Requestes explicit enforce command to take effect.


The 2.1.5 release is available immediately from the download site.
Installations still on the 1.4 release should really upgrade to this
version as it has been tested enough by major players.

Fixes
- SUPPORT-245: Resolve memory leak in signer introduced in 2.1.4.
- SUPPORT-244: Don’t require Host and Port to be specified in conf.xml
  when migrating with a MySQL-based enforcer database backend.
- Allow for MySQL database to pre-exist when performing a migration,
  and be a bit more verbose during migration.
- Fix AllowExtraction tag in configuration file definition.
- SUPPORT-242: Skip over EDNS cookie option.
- SUPPORT-240: Prevent exit of enforcer daemon upon interrupted
  interaction with CLI commands (when having > 1000 zones.
- Corrected some error messages.

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-ports-bugs mailing list