Bump version 2.6.0, update NEWSv2.6.0

2 files changed, 92 insertions, 6 deletions

diff --git a/NEWS b/NEWS
index 4c96b9bf9..41712339b 100644
--- a/NEWS
+++ b/NEWS
@@ -1,12 +1,98 @@
-Knot DNS 2.6.0-dev (2017-xx-xx)
-===============================
+Knot DNS 2.6.0 (2017-09-29)
+===========================
+
+Features:
+---------
+ - On-slave (inline) signing support
+ - Automatic DNSSEC key algorithm rollover
+ - Ed25519 algorithm support in DNSSEC (requires GnuTLS 3.6.0)
+ - New 'journal-content' and 'zonefile-load' configuration options
+ - keymgr tries to run as user/group set in the configuration
+ - Public-only DNSSEC key import into KASP DB via keymgr
+ - NSEC3 resalt and parent DS query events are persistent in timer DB
+ - New processing state for a response suppression within a query module
+ - Enabled server side TCP Fast Open if supported
+ - TCP Fast Open support in kdig
+
+Improvements:
+-------------
+ - Better record owner compression if related to the previous rdata dname
+ - NSEC(3) chain is no longer recomputed whole on every update
+ - Remove inconsistent and unnecessary quoting in log files
+ - Avoiding of overlapping key rollovers at a time
+ - More DNSSSEC-related semantic checks
+ - Extended timestamp format in keymgr
+
+Bugfixes:
+---------
+ - Incorrect journal free space computation causing inefficient space handling
+ - Interface-automatic broken on Linux in the presence of asymmetric routing
+
+Knot DNS 2.5.5 (2017-09-29)
+===========================
+
+Improvements:
+-------------
+ - Constant time memory comparison in the TSIG processing
+ - Proper use of the ctype functions
+ - Generated RRSIG records have inception time 90 minutes in the past
+
+Bugfixes:
+---------
+ - Incorrect online signature for NSEC in the case of a CNAME record
+ - Incorrect timestamps in dnstap records
+ - EDNS Subnet Client validation rejects valid payloads
+ - Module configuration semantic checks are not executed
+ - Kzonecheck segfaults with unusual inputs
+
+Knot DNS 2.5.4 (2017-08-31)
+===========================
+
+Improvements:
+-------------
+ - New minimum and maximum refresh interval config options (Thanks to Manabu Sonoda)
+ - New warning when unforced flush with disabled zone file synchronization
+ - New 'dnskey' keymgr command
+ - Linking with libatomic on architectures that require it (Thanks to Pierre-Olivier Mercier)
+ - Removed 'OK' from listing keymgr command outputs
+ - Extended journal and keymgr documentation and logging
+
+Bugfixes:
+---------
+ - Incorrect handling of specific corner-cases with zone-in-journal
+ - The 'share' keymgr command doesn't work
+ - Server crashes if configured with query-size and reply-size statistics options
+ - Malformed big integer configuration values on some 32-bit platforms
+ - Keymgr uses local time when parsing date inputs
+ - Memory leak in kdig upon IXFR query
+
+Knot DNS 2.5.3 (2017-07-14)
+===========================
+
+Features:
+---------
+ - CSK rollover support for Single-Type Signing Scheme
+
+Improvements:
+-------------
+ - Allowed binding to non-local adresses for TCP (Thanks to Julian Brost!)
+ - New documentation section for manual DNSSEC key algorithm rollover
+ - Initial KSK also generated in the submission state
+ - The 'ds' keymgr command with no parameter uses all KSK keys
+ - New debug mode in kjournalprint
+ - Updated keymgr documentation
+
+Bugfixes:
+---------
+ - Sometimes missing RRSIG by KSK in submission state.
+ - Minor DNSSEC-related issues
 
 Knot DNS 2.5.2 (2017-06-23)
 ===========================
 
 Security:
 ---------
- - Improper TSIG validity period check can allow TSIG forgery (Thanks to Synacktiv!)
+ - CVE-2017-11104: Improper TSIG validity period check can allow TSIG forgery (Thanks to Synacktiv!)
 
 Improvements:
 -------------
diff --git a/configure.ac b/configure.ac
index 849346053..37f453426 100644
--- a/configure.ac
+++ b/configure.ac
@@ -5,7 +5,7 @@ AC_PREREQ([2.60])
 m4_define([knot_VERSION_MAJOR],2)dnl
 m4_define([knot_VERSION_MINOR],6)dnl
 m4_define([knot_VERSION_PATCH],0)dnl
-m4_define([knot_VERSION_EXTRA],-dev)dnl
+m4_define([knot_VERSION_EXTRA],)dnl
 m4_define([knot_PKG_VERSION],[knot_VERSION_MAJOR.knot_VERSION_MINOR.knot_VERSION_PATCH]knot_VERSION_EXTRA)dnl
 
 AC_INIT([knot], knot_PKG_VERSION, [knot-dns@labs.nic.cz])
@@ -33,8 +33,8 @@ AC_DEFINE_UNQUOTED([CONFIGURE_CFLAGS],["$CFLAGS"],[Passed CFLAGS from environmen
 
 # Updating version info
 # https://www.gnu.org/software/libtool/manual/html_node/Updating-version-info.html
-AC_SUBST([libknot_VERSION_INFO],["-version-info 6:0:0"])
-AC_SUBST([libdnssec_VERSION_INFO],["-version-info 4:0:0"])
+AC_SUBST([libknot_VERSION_INFO],["-version-info 7:0:0"])
+AC_SUBST([libdnssec_VERSION_INFO],["-version-info 5:0:0"])
 AC_SUBST([libzscanner_VERSION_INFO],["-version-info 1:0:0"])
 
 # Automatically update release date based on configure.ac date