3.7.4 in RC with Knot resolver fix

Dear Turris testers,
we just released Turris OS 3.7.4 into RC branch. It is already tested but we would like to test it more :wink:

It fixes a critical DNSSEC flaw. Signatures might be accepted as valid even if the signed data was not in bailiwick of the DNSKEY used to sign it, assuming the trust chain to that DNSKEY was valid.

The whole Turris team wishes you happy testing and we are looking forward to reading your feedback!

Deploy for all will be tomorrow.

I have RC version from 2nd of August in my repo.turris.cz folder. That’s strange …

Maybe it was a pre-announcement; I now see timestamp 2017-08-10 14:44 (not sure about time zone).

Maybe …
I see the same thing now :slight_smile:

Yes, the deploy was delayed for about one hour after the announcement.

And I didn’t explicitly tell that this release is for Omnia only as there is unbound on Turris 1.x. :slight_smile:

1 Like

OK, but I thought, the knot is on Turris 1.x as an optional feature, isn’t it?

No, currently it doesn’t work. It used to be blocked by non-support of the platform by luajit; that might be solved by recent changes on their master, but we haven’t verified that yet.

1 Like