[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Unblock request for ldns 1.4.0-1

Hi,

I would like to request unblock ldns 1.4.0-1.  Unfortunately
version 1.3.0-1 which is in testing contains several critical
bugs.

Some tools doesn't work at all:
ldns-signzone (http://www.nlnetlabs.nl/bugs/show_bug.cgi?id=210)
ldns-read-zone (http://www.nlnetlabs.nl/bugs/show_bug.cgi?id=213)
ldns-compare-zone is completely broken (reported directly to upstream)

I have manually checked all rdepends (basically only unbound) that it
doesn't break anything this late in freeze.

Upstream changelog:
1.4.0
       Bug fixes:
       * sig chase return code fix (patch from Rafael Justo, bug id 189)
       * rdata.c memory leaks on error and allocation checks fixed (patch
         from Shane Kerr, bug id 188)
       * zone.c memory leaks on error and allocation checks fixed (patch
         from Shane Kerr, bug id 189)
       * ldns-zplit output and error messages fixed (patch from Shane Kerr,
         bug id 190)
       * Fixed potential buffer overflow in ldns_str2rdf_dname
       * Signing code no longer signs delegation NS rrsets
       * Some minor configure/makefile updates
       * Fixed a bug in the randomness initialization
       * Fixed a bug in the reading of resolv.conf
       * Fixed a bug concerning whitespace in zone data (with patch from Ondrej
         Sury, bug 213)
       * Fixed a small fallback problem in axfr client code

       API CHANGES:
       * added 2str convenience functions:
               - ldns_rr_type2str
               - ldns_rr_class2str
               - ldns_rr_type2buffer_str
               - ldns_rr_class2buffer_str
       * buffer2str() is now called ldns_buffer2str
       * base32 and base64 function names are now also prepended with ldns_
       * ldns_rr_new_frm_str() now returns an error on missing RDATA fields.
         Since you cannot read QUESTION section RRs with this anymore,
         there is now a function called ldns_rr_new_question_frm_str()

       LIBRARY FEATURES:
       * DS RRs string representation now add bubblebabble in a comment
         (patch from Jakob Schlyter)
       * DLV RR type added
       * TCP fallback system has been improved
       * HMAC-SHA256 TSIG support has been added.
       * TTLS are now correcly set in NSEC(3) records when signing zones

       EXAMPLE TOOLS:
       * New example: ldns-revoke to revoke DNSKEYs according to RFC5011
       * ldns-testpkts has been fixed and updated
       * ldns-signzone now has the option to not add the DNSKEY
       * ldns-signzone now has an (full zone only) opt-out option for
                       NSEC3
       * ldns-keygen can create HMAC-SHA1 and HMAC-SHA256 symmetric keys
       * ldns-walk output has been fixed
       * ldns-compare-zones has been fixed, and now has an option
         to show all differences (-a)
       * ldns-read-zone now has an option to print DNSSEC records only



Please Cc: me, since I am not subscribed to debian-release.  Thank you

Ondrej
-- 
Ondřej Surý <ondrej@sury.org>
Reply to: