SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for ldns-1.6.17-34.3.x86_64.rpm :
Tue May 10 14:00:00 2016 mrueckertAATTsuse.de
- disable python because the bindings dont match the old python
version either

Tue May 10 14:00:00 2016 mrueckertAATTsuse.de
- disable perl on sle11 as it needs at least 5.14.2

Tue May 10 14:00:00 2016 mrueckertAATTsuse.de
- fix building on SLE11 by disabling gost

Tue Sep 1 14:00:00 2015 dimstarAATTopensuse.org
- Add ldns-perl-5.22.patch: Fix build with perl 5.22.

Thu May 22 14:00:00 2014 mrueckertAATTsuse.de
- update to 1.6.17

* Fix ldns_dnssec_zone_new_frm_fp_l to allow the last parsed line of a
zone to be an NSEC3 (or its RRSIG) covering an empty non terminal.

* Add --disable-dane option to configure and check availability of the
for dane needed X509_check_ca function in openssl.

* bugfix #490: Get rid of type-punned pointer warnings.
Thanks Adam Tkac.

* Make sure executables are linked against libcrypto with the
LIBSSL_LDFLAGS. Thanks Leo Baltus.

* Miscellaneous prototype fixes. Thanks Dag-Erling Smørgrav.

* README now shows preferred way to configure for examples and drill.

* Bind to source address for resolvers. drill binds to source with -I.
Thanks Bryan Duff.

* -T option for ldns-dane that has specific exit status for PKIX
validated connections without (secure) TLSA records.

* Fix b{32,64}_{ntop,pton} detection and handling.

* New RR type TKEY, but without operational practice.

* New RR types HIP, NINFO, RKEY, CDS, EUI48, EUI64, URI, CAA and TA.

* New output format flag (and accompanying functions) to print certain
RR\'s as unknown type

* -u and -U parameter for ldns-read-zone to mark/unmark a RR type
for printing as unknown type

* bugfix #504: GPOS RR has three rdata fields. Thanks Jelte Jansen.

* bugfix #497: Properly test for EOF when reading key files with drill.

* New functions: ldns_pkt_ixfr_request_new and
ldns_pkt_ixfr_request_new_frm_str.

* Use SNI with ldns-dane

* bugfix #507: ldnsx Fix use of non-existent variables and not
properly referring to instance variable. Patch from shussain.

* bugfix #508: ldnsx Adding NSEC3PARAM to known/allowable RR type
dictionary. Patch from shussain.

* bugfix #517: ldns_resolver_new_frm_fp error when invoked using a NULL
file pointer.

* Fix memory leak in contrib/python: ldns_pkt.new_query.

* Fix buffer overflow in fget_token and bget_token.

* ldns-verify-zone NSEC3 checking from quadratic to linear performance.
Thanks NIC MX (nicmexico.mx)

* ldns-dane setup new ssl session for each new connect to prevent hangs

* bugfix #521: drill trace continue on empty non-terminals with NSEC3

* bugfix #525: Fix documentation of ldns_resolver_set_retry

* Remove unused LDNS_RDF_TYPE_TSIG and associated functions.

* Fix ldns_nsec_covers_name for zones with an apex only. Thanks Miek.

* Configure option to build perl bindings: --with-p5-dns-ldns
(DNS::LDNS is a contribution from Erik Ostlyngen)

* bugfix #527: Move -lssl before -lcrypto when linking

* Optimize TSIG digest function name comparison (Thanks Marc Buijsman)

* Compare names case insensitive with ldns_pkt_rr_list_by_name and
ldns_pkt_rr_list_by_name_and_type (thanks Johannes Naab)

* A separate --enable for each draft RR type: --enable-rrtype-ninfo,
- -enable-rrtype-rkey, --enable-rrtype-cds, --enable-rrtype-uri and
- -enable-rrtype-ta

* bugfix #530: Don\'t sign and verify duplicate RRs (Thanks Jelte Jansen)

* bugfix #505: Manpage and usage output fixes (Thanks Tomas Hozza)

* Adjust ldns_sha1() so that the input data is not modified (Thanks
Marc Buijsman)

* Messages to stderr are now off by default and can be reenabled with
the --enable-stderr-msgs configure option.
- enable rrtype-ninfo, rrtype-rkey, rrtype-cds, rrtype-uri, rrtype-ta
- build pyldnsx bindings
- build perl bindings
- pass the path to our CA store

Mon Jan 21 13:00:00 2013 johann.luceAATTwanadoo.fr
- Fix spec file for submit in Server:dns repos

Mon Dec 3 13:00:00 2012 johann.luceAATTwanadoo.fr
- Upgrade to 1.6.16
1.6.16 2012-11-13

* Fix Makefile to build pyldns with BSD make

* Fix typo in exporting b32_
* symbols to make pyldns load again

* Allow leaving the RR owner name empty in ldns-testns datafiles.

* Fix fail to create NSEC3 bitmap for empty non-terminal (bug
introduced in 1.6.14).
1.6.15 2012-10-25

* Remove LDNS_STATUS_EXISTS_ERR from ldns/error.h to make ldns
binary compatible with earlier releases again.
1.6.14 2012-10-23

* DANE support (RFC6698), including ldns-dane example tool.

* Configurable default CA certificate repository for ldns-dane with
- -with-ca-file=CAFILE and --with-ca-path=CAPATH

* Configurable default trust anchor with --with-trust-anchor=FILE
for drill, ldns-verify-zone and ldns-dane

* bugfix #474: Define socklen_t when undefined (like in Win32)

* bugfix #473: Dead code removal and resource leak fix in drill

* bugfix #471: Let ldns_resolver_push_dnssec_anchor accept DS RR\'s too.

* Various bugfixes from code reviews from CZ.NIC and Paul Wouters

* ldns-notify TSIG option argument checking

* Let ldns_resolver_nameservers_randomize keep nameservers and rtt\'s
in sync.

* Let ldns_pkt_push_rr now return false on (memory) errors.

* Make buffer_export comply to documentation and fix buffer2str

* Various improvements and fixes of pyldns from Katel Slany
now documented in their own Changelog.

* bugfix: Make ldns_resolver_pop_nameserver clear the array when
there was only one.

* bugfix #459: Remove ldns_symbols and export symbols based on regex

* bugfix #458: Track all newly created signatures when signing.

* bugfix #454: Only set -g and -O2 CFLAGS when no CFLAGS was given.

* bugfix #457: Memory leak fix for ldns_key_new_frm_algorithm.

* pyldns memory handling fixes and the python3/ldns-signzone.py
examples script contribution from Karel Slany.

* bugfix #450: Base # bytes for P, G and Y (T) on the guaranteed
to be bigger (or equal) P in ldns_key_dsa2bin.

* bugfix #449: Deep free cloned rdf\'s in ldns_tsig_mac_new.

* bugfix #448: Copy nameserver value (in stead of reference) of the
answering nameserver to the answer packet in ldns_send_buffer, so
the original value may be deep freed with the ldns_resolver struct.

* New -0 option for ldns-read-zone to replace inception, expiration
and signature rdata fields with (null). Thanks Paul Wouters.

* New -p option for ldns-read-zone to prepend-pad SOA serial to take
up ten characters.

* Return error if printing RR fails due to unknown/null RDATA.

Sun Jun 10 14:00:00 2012 johann.luceAATTwanadoo.fr
- Upgrade to 1.6.13

* New -S option for ldns-verify-zone to chase signatures online.

* New -k option for ldns-verify-zone to validate using a trusted key.

* New inception and expiration margin options (-i and -e) to
ldns-verify-zone.

* New ldns_dnssec_zone_new_frm_fp and ldns_dnssec_zone_new_frm_fp_l
functions.

* New ldns_duration
* functions (copied from OpenDNSSEC source)

* fix ldns-verify-zone to allow NSEC3 signatures to come before
the NSEC3 RR in all cases. Thanks Wolfgang Nagele.

* Zero the correct flag (opt-out) when creating NSEC3PARAMS.
Thanks Peter van Dijk.

* Canonicalize RRSIG\'s Signer\'s name too when validating, because
bind and unbound do that too. Thanks Peter van Dijk.

* bugfix #433: Allocate rdf using ldns_rdf_new in ldns_dname_label

* bugfix #432: Use LDNS_MALLOC & LDNS_FREE i.s.o. malloc & free

* bugfix #431: Added error message for LDNS_STATUS_INVALID_B32_EXT

* bugfix #427: Explicitely link ssl with the programs that use it.

* Fix reading \\DDD: Error on values that are outside range (>255).

* bugfix #429: fix doxyparse.pl fails on NetBSD because specified
path to perl.

* New ECDSA support (RFC 6605), use --disable-ecdsa for older openssl.

* fix verifying denial of existence for DS\'s in NSEC3 Opt-Out zones.
Thanks John Barnitz

Thu Apr 19 14:00:00 2012 johann.luceAATTwanadoo.fr
- Upgrade in 1.6.12

* bugfix #413: Fix manpage source for srcdir != builddir

* Canonicalize the signers name rdata field in RRSIGs when signing

* Ignore minor version of Private-key-format (so v1.3 may be used)

* Allow a check_time to be given in stead of always checking against
the current time. With ldns-verify-zone the check_time can be set
with the -t option.

* Added functions for updating and manipulating SOA serial numbers.
ldns-read-zone has an option -S for updating and manipulating the
serial numbers.

* The library Makefile is now GNU and BSD make compatible.

* bugfix #419: NSEC3 validation of a name covered by a wildcard with
no data.

* Two new options (--with-drill and --with-examples) to the main
configure script (in the root of the source tree) to build drill
and examples too.

* Fix days_since_epoch to year_yday calculation on 32bits systems.

Tue Jan 10 13:00:00 2012 dimstarAATTopensuse.org
- Add openssl-devel Requires to -devel package: dnssec.h includes
ssl.h, which in turn is provided by openssl-devel. Without this
Requires, depending packages need to be aware of underlying
implementations of ldns.

Mon Oct 17 14:00:00 2011 lnusselAATTsuse.de
- new version 1.6.11

* new ldnsx python module

* fix heap overflow (bnc#720277, CVE-2011-3581)

Wed May 25 14:00:00 2011 lnusselAATTsuse.de
- new version 1.6.9
- enable python bindings, used by sshfp\'s dane tool
- merge with Factory version

Mon Apr 27 14:00:00 2009 crrodriguezAATTsuse.de
- initial version, required by unbound

Wed May 21 14:00:00 2008 mrueckertAATTsuse.de
- fix the rpmlint warnings

Wed May 21 14:00:00 2008 mrueckertAATTsuse.de
- update to 1.3.0.pre20080229 (taken from unbound-1.0.0 tarball)
required version update to make it work with unbound

Wed May 21 14:00:00 2008 mrueckertAATTsuse.de
- initial package


 
ICM