diff options
| author | Daniel Salzman <daniel.salzman@nic.cz> | 2017-06-23 10:32:22 +0200 |
|---|---|---|
| committer | Daniel Salzman <daniel.salzman@nic.cz> | 2017-06-23 10:32:22 +0200 |
| commit | 29d62ef166677256582348f5793264a216f692ed (patch) | |
| tree | b0deb2dcd8033cbe67bd83e27ec7d796506f027e /NEWS | |
| parent | Merge branch 'master' of gitlab.labs.nic.cz:labs/knot (diff) | |
| download | knot-29d62ef166677256582348f5793264a216f692ed.tar.xz knot-29d62ef166677256582348f5793264a216f692ed.zip | |
Bump version 2.5.2, update NEWSv2.5.2
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 28 |
1 files changed, 28 insertions, 0 deletions
@@ -1,3 +1,31 @@ +Knot DNS 2.5.2 (2017-06-23) +=========================== + +Security: +--------- + - Improper TSIG validity period check can allow TSIG forgery (Thanks to Synacktiv!) + +Improvements: +------------- + - Extended debug logging for TSIG errors + - Better error message for unknown module section in the configuration + - Module documentation compilation no longer depends on module configuration + - Extended policy section configuration semantic checks + - Improved python version compatibility in pykeymgr + - Extended migration section in the documentation + - Improved DNSSEC event timing on 32-bit systems + - New KSK rollover start log info message + - NULL qtype support in kdig + +Bugfixes: +--------- + - Failed to process included configuration + - dnskey_ttl policy option in the configuration has no effect on DNSKEY TTL + - Corner case journal fixes (huge changesets, OpenWRT operation) + - Confusing event timestamps in knotc zone-status output + - NSEC/NSEC3 bitmap not updated for CDS/CDNSKEY + - CDS/CDNSKEY RRSIG not updated + Knot DNS 2.5.1 (2017-06-07) =========================== |