Discussion:
[Opendnssec-user] OpenDNSSEC 2.0.3 released
Yuri Schaeffer
2016-10-17 08:03:40 UTC
Permalink
Dear community,

Hereby we announce the OpenDNSSEC 2.0.3 release. Most of the changes are
related to further smoothing the migration path from OpenDNSSEC 1.4 to
2.0. If you still need to migrate from 1.4.10 please migrate to 2.0.3
directly rather than from 2.0.1. Another important fix is a memory leak
in the signer. It would cause a high memory usage for installations with
very frequent outgoing IXFR's.

Changes:

* OpenDNSSEC-839: update all no longer deletes zones or policies.
Policy import now has a --remove-missing-policies option. (thanks
David Peall)
* OpenDNSSEC-840: Fix migration script to correctly interpret SOA
serial strategy.
* OPENDNSSEC-843: MaxZoneTTL defaults to 0 instead of 1 day.
* Migration script can handle converting a database with zones in
rollover better.
* Fixed incorrect behaviour when more than 2 ZSKs involved in roll.
* SUPPORT-201: Remove old keys from converted DB.
* OPENDNSSEC-845: Memory leak on IXFR out.


Download:
* https://dist.opendnssec.org/source/opendnssec-2.0.3.tar.gz
* https://dist.opendnssec.org/source/opendnssec-2.0.3.tar.gz.sig
* Checksum SHA256:
ebeb5481d696cf83c21c5dfbecce6ab5dcc73df1a08573ef257f2f6fe10f6214

Kind regards,
The OpenDNSSEC team
Fred.Zwarts
2016-11-14 07:59:58 UTC
Permalink
I have been on holidays, so I noticed this message only last week. I will
try the new version to check whether the problem with ZSK rollovers is
solved, when using more than one ZSK. This will take some time.
I already noticed that the output of "ods-enforcer backup list" has not yet
been changed into something readable. Is that still in the planning?
Post by Yuri Schaeffer
Dear community,
Hereby we announce the OpenDNSSEC 2.0.3 release. Most of the changes are
related to further smoothing the migration path from OpenDNSSEC 1.4 to
2.0. If you still need to migrate from 1.4.10 please migrate to 2.0.3
directly rather than from 2.0.1. Another important fix is a memory leak
in the signer. It would cause a high memory usage for installations with
very frequent outgoing IXFR's.
* OpenDNSSEC-839: update all no longer deletes zones or policies.
Policy import now has a --remove-missing-policies option. (thanks
David Peall)
* OpenDNSSEC-840: Fix migration script to correctly interpret SOA
serial strategy.
* OPENDNSSEC-843: MaxZoneTTL defaults to 0 instead of 1 day.
* Migration script can handle converting a database with zones in
rollover better.
* Fixed incorrect behaviour when more than 2 ZSKs involved in roll.
* SUPPORT-201: Remove old keys from converted DB.
* OPENDNSSEC-845: Memory leak on IXFR out.
* https://dist.opendnssec.org/source/opendnssec-2.0.3.tar.gz
* https://dist.opendnssec.org/source/opendnssec-2.0.3.tar.gz.sig
ebeb5481d696cf83c21c5dfbecce6ab5dcc73df1a08573ef257f2f6fe10f6214
Kind regards,
The OpenDNSSEC team
Yuri Schaeffer
2016-11-14 09:25:45 UTC
Permalink
Post by Fred.Zwarts
I already noticed that the output of "ods-enforcer backup list" has not
yet been changed into something readable. Is that still in the planning?
Hey you are right! That commit didn't make it in the 2.0.3 release. It
is in the develop branch however. Here's the git hash if you'd like to
patch it: ff0a88f4a1cd95353552156546955ea888731439

It should have gone in but I've missed it, sorry. We are planning to do
a 2.1 release before the end of the year.

//Yuri

Loading...