-------------------------------------------------------------------
Mon Jan 21 13:40:47 UTC 2013 - johann.luce@wanadoo.fr

- Fix spec file for submit in Server:dns repos

-------------------------------------------------------------------
Mon Dec  3 15:20:36 UTC 2012 - johann.luce@wanadoo.fr

- Upgrade to 1.6.16
1.6.16	2012-11-13
	* Fix Makefile to build pyldns with BSD make
	* Fix typo in exporting b32_* symbols to make pyldns load again
	* Allow leaving the RR owner name empty in ldns-testns datafiles.
	* Fix fail to create NSEC3 bitmap for empty non-terminal (bug
	  introduced in 1.6.14).

1.6.15	2012-10-25
	* Remove LDNS_STATUS_EXISTS_ERR from ldns/error.h to make ldns
	  binary compatible with earlier releases again.

1.6.14	2012-10-23
	* DANE support (RFC6698), including ldns-dane example tool.
	* Configurable default CA certificate repository for ldns-dane with
	  --with-ca-file=CAFILE and --with-ca-path=CAPATH
	* Configurable default trust anchor with --with-trust-anchor=FILE
	  for drill, ldns-verify-zone and ldns-dane
	* bugfix #474: Define socklen_t when undefined (like in Win32)
	* bugfix #473: Dead code removal and resource leak fix in drill
	* bugfix #471: Let ldns_resolver_push_dnssec_anchor accept DS RR's too.
	* Various bugfixes from code reviews from CZ.NIC and Paul Wouters
	* ldns-notify TSIG option argument checking
	* Let ldns_resolver_nameservers_randomize keep nameservers and rtt's
	  in sync.
	* Let ldns_pkt_push_rr now return false on (memory) errors.
	* Make buffer_export comply to documentation and fix buffer2str
	* Various improvements and fixes of pyldns from Katel Slany
	  now documented in their own Changelog.
	* bugfix: Make ldns_resolver_pop_nameserver clear the array when
	  there was only one.
	* bugfix #459: Remove ldns_symbols and export symbols based on regex
	* bugfix #458: Track all newly created signatures when signing.
	* bugfix #454: Only set -g and -O2 CFLAGS when no CFLAGS was given.
	* bugfix #457: Memory leak fix for ldns_key_new_frm_algorithm.
	* pyldns memory handling fixes and the python3/ldns-signzone.py
	  examples script contribution from Karel Slany.
	* bugfix #450: Base # bytes for P, G and Y (T) on the guaranteed
	  to be bigger (or equal) P in ldns_key_dsa2bin.
	* bugfix #449: Deep free cloned rdf's in ldns_tsig_mac_new.
	* bugfix #448: Copy nameserver value (in stead of reference) of the
	  answering nameserver to the answer packet in ldns_send_buffer, so
	  the original value may be deep freed with the ldns_resolver struct.
	* New -0 option for ldns-read-zone to replace inception, expiration
	  and signature rdata fields with (null). Thanks Paul Wouters.
	* New -p option for ldns-read-zone to prepend-pad SOA serial to take
	  up ten characters.
	* Return error if printing RR fails due to unknown/null RDATA. 

-------------------------------------------------------------------
Sun Jun 10 20:33:18 UTC 2012 - johann.luce@wanadoo.fr

- Upgrade to 1.6.13
  	* New -S option for ldns-verify-zone to chase signatures online.
	* New -k option for ldns-verify-zone to validate using a trusted key.
	* New inception and expiration margin options (-i and -e) to 
	  ldns-verify-zone.
	* New ldns_dnssec_zone_new_frm_fp and ldns_dnssec_zone_new_frm_fp_l
	  functions.
	* New ldns_duration* functions (copied from OpenDNSSEC source)
	* fix ldns-verify-zone to allow NSEC3 signatures to come before
	  the NSEC3 RR in all cases. Thanks Wolfgang Nagele.
	* Zero the correct flag (opt-out) when creating NSEC3PARAMS.
	  Thanks Peter van Dijk.
	* Canonicalize RRSIG's Signer's name too when validating, because 
	  bind and unbound do that too. Thanks Peter van Dijk.
	* bugfix #433: Allocate rdf using ldns_rdf_new in ldns_dname_label
	* bugfix #432: Use LDNS_MALLOC & LDNS_FREE i.s.o. malloc & free
	* bugfix #431: Added error message for LDNS_STATUS_INVALID_B32_EXT
	* bugfix #427: Explicitely link ssl with the programs that use it.
	* Fix reading \DDD: Error on values that are outside range (>255).
	* bugfix #429: fix doxyparse.pl fails on NetBSD because specified
	  path to perl.
	* New ECDSA support (RFC 6605), use --disable-ecdsa for older openssl.
	* fix verifying denial of existence for DS's in NSEC3 Opt-Out zones.
	  Thanks John Barnitz 

-------------------------------------------------------------------
Thu Apr 19 14:05:39 UTC 2012 - johann.luce@wanadoo.fr

- Upgrade in 1.6.12
  * bugfix #413: Fix manpage source for srcdir != builddir
  * Canonicalize the signers name rdata field in RRSIGs when signing
  * Ignore minor version of Private-key-format (so v1.3 may be used)
  * Allow a check_time to be given in stead of always checking against
  the current time. With ldns-verify-zone the check_time can be set
  with the -t option.
  * Added functions for updating and manipulating SOA serial numbers.
  ldns-read-zone has an option -S for updating and manipulating the
  serial numbers.
  * The library Makefile is now GNU and BSD make compatible.
  * bugfix #419: NSEC3 validation of a name covered by a wildcard with
  no data.
  * Two new options (--with-drill and --with-examples) to the main
  configure script (in the root of the source tree) to build drill
  and examples too.
  * Fix days_since_epoch to year_yday calculation on 32bits systems.
-------------------------------------------------------------------
Tue Jan 10 11:21:38 UTC 2012 - dimstar@opensuse.org

- Add openssl-devel Requires to -devel package: dnssec.h includes
  ssl.h, which in turn is provided by openssl-devel. Without this
  Requires, depending packages need to be aware of underlying
  implementations of ldns.

-------------------------------------------------------------------
Mon Oct 17 15:17:12 UTC 2011 - lnussel@suse.de

- new version 1.6.11
  * new ldnsx python module
  * fix heap overflow (bnc#720277, CVE-2011-3581)

-------------------------------------------------------------------
Wed May 25 13:38:43 UTC 2011 - lnussel@suse.de

- new version 1.6.9
- enable python bindings, used by sshfp's dane tool
- merge with Factory version

-------------------------------------------------------------------
Mon Apr 27 15:34:10 CEST 2009 - crrodriguez@suse.de

- initial version, required by unbound 

-------------------------------------------------------------------
Wed May 21 17:59:04 CEST 2008 - mrueckert@suse.de

- fix the rpmlint warnings

-------------------------------------------------------------------
Wed May 21 05:53:12 CEST 2008 - mrueckert@suse.de

- update to 1.3.0.pre20080229 (taken from unbound-1.0.0 tarball)
  required version update to make it work with unbound

-------------------------------------------------------------------
Wed May 21 04:43:07 CEST 2008 - mrueckert@suse.de

- initial package