[ldns-users] ldns 1.6.11 released

Willem Toorop willem at NLnetLabs.nl
Thu Sep 29 14:54:11 UTC 2011 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

Version 1.6.11 of ldns is now available.

Best regards,

Willem Toorop

link: http://www.nlnetlabs.nl/downloads/ldns/ldns-1.6.11.tar.gz
sha1: 2c4537eee39a1af63e8dde4f35498ce78c968c1f

1.6.112011-09-29
* bugfix #394: Fix socket leak on errors
* bugfix #392: Apex only and percentage checks for ldns-verify-zone
  (thanks Miek Gieben)
* bugfix #398: Allow NSEC RRSIGs before the NSEC3 in ldns-verify-zone
* Fix python site package path from sitelib to sitearch for pyldns.
* Fix python api to support python2 and python3 (thanks Karel Slany).
* bugfix #401: Correction of date/time functions algorithm and
  prevention of an infinite loop therein
* bugfix #402: Correct the minimum and maximum number of rdata fields
  in TSIG. (thanks David Keeler)
* bugfix #403: Fix heap overflow (thanks David Keeler)
* bugfix #404: Make parsing APL strings more robust
  (thanks David Keeler)
* bugfix #391: Complete library assessment to prevent assertion errors
  through ldns_rdf_size usage.
* Slightly more specific error messaging on wrong number of rdata
  fields with the LDNS_STATUS_MISSING_RDATA_FIELDS_RRSIG and
  LDNS_STATUS_MISSING_RDATA_FIELDS_KEY result codes.
* bugfix #406: More rigorous openssl result code handling to prevent
  future crashes within openssl.
* Fix ldns_fetch_valid_domain_keys to search deeper than just one level
  for a DNSKEY that signed a DS RR. (this function was used in the
  check_dnssec_trace nagios module)
* bugfix #407: Canonicalize TSIG dnames and algorithm fields
* A new output specifier to accommodate configuration of what to show
  in comment texts when converting host and/or wire-format data to
  string. All conversion to string and printing functions have a new
  version that have such a format specifier as an extra argument.
  The default is changed so that only DNSKEY RR's are annotated with
  an comment show the Key Tag of the DNSKEY.
* Fixed the ldns resolver to not mark a nameserver unreachable when
  edns0 is tried unsuccessfully with size 4096 (no return packet came),
  but to still try TCP. A big UDP packet might have been corrupted by
  fragments dropping firewalls.
* Update of libdns.vim (thanks Miek Gieben)
* Added the ldnsx Python module to our contrib section, which adds even
  more pythonisticism to the usage of ldns with  Python. (Many thanks
  to Christpher Olah and Paul Wouters)
  The ldnsx module is automatically installed when --with-pyldns is
  used with configuring, but may explicitly be excluded with the
  --without-pyldnsx option to configure.
* bugfix #410: Fix clearing out temporary data on stack in sha2.c
* bugfix #411: Don't let empty non-terminal NSEC3s cause assertion
  failure.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJOhIaTAAoJEOX4+CEvd6SYXjcQAJMuBZCmNxco30NXh2sS6f3L
F6s45imE6X8va5PXIIkQoTJjErhx9POMWPCuKJe+aBDrcZ0m3/Bveyo43zCeLEKE
YKWZaTmb2cL14uAzr1KAMDtNiL6lHmzryTEErBtxb9uY6Vfcv17nBFBQLp62zIZ/
wOzTFjYUTUHZA7Ub/dUApRR1WHHbZeIVP9zRN7cnnTsgjwm80NMs5dGoZTpTeGLb
DjZae3/+UMyuwCeFUR9qdqoLBNS7SuRZ2M1U7NAB6dsyly21MS/P+uWF1wgWcvhX
uVWgb9x8O1gjEeT2kMpsIozW05aNnEDrdLxgExFaoWTOLqGfXFq1+5uEsOgVXBxY
tbjV6f104E5SJ1aRSenxcc2vEq4QnYKJYjZLCO3dzw6YYZL4fx9vlhf8YBvRzyuc
gdBWNLvQWbfxWZrIvd5ZEkA5ubdBcorecFBuOQrbiDxvbf+2JFR7XY67D1p2N2Vg
eNxKPz5TN8aqnNgLc+MTsbajnLk3tSnf5kASzvbuHiFpDP0HsHenIKB6FuyCdmKP
0T1HCZi70RbdhBgGu83M1HJRmfTkReS1jX2poRv065gzaBXPrK1wNQ+HM6iPHN9f
yvI5DOX5bTQCp5YnZJAiERhDm3kMzM9+5AwXiVi8eQ7XyNvPr/EATL+Fjfv4tbt2
rS2UVVmJkl0PZ2YDuTaH
=L2NH
-----END PGP SIGNATURE-----

More information about the ldns-users mailing list