Log Message:
OpenDNSSEC 1.0.0rc2 - 2009-12-16

Bugfixes:
* Signer Engine: Signer processes could remain open, if they were not close 
  correctly.
* ods-ksmutil: Got a segmentation fault, when an HSM was missing in the 
  configuration. Only applied to versions using MySQL.
* Zone fetcher: Did not close files before moving them.
* Zone fetcher: The serial arithmetic was not correct.
* Auditor: It now ignores unrecognized RR types.
* Signer Engine: Wrong handling of escaped characters in strings 
  (fixed in ldns trunk)
* Set correct permissions on the configuration files.

Known issues:
* Zone fetcher: When using TSIG, an incorrect MAC can be created if the 
  length of the used secret is 'too long' (longer than the maximum digest
  length). This problem is in LDNS 1.6.3 and previous versions. This bug is
  fixed in the upcoming LDNS 1.6.4 release.
* Auditor: Some good NAPTR records may fail to verify with dnsruby-1.41.
  This will be fixed in a future dnsruby release.
* TXT RRs: Some TXT RRs with escape characters may fail to parse correctly 
  with dnsruby-1.41 and ldns 1.6.3. This is fixed in the upcoming releases.

OpenDNSSEC 1.0.0rc1 - 2009-12-04

* Auditor: dnsruby-1.41 should be used (includes fixes for zero length
  salt and RFC3597 unknown classes)
* Signer Engine: ldns 1.6.3 should be used (includes NSEC3 bugfix and class
  inheritance when creating signatures)

Bugfixes:
* Signer Engine: 1.0.0b8 introduced a bug that no signatures where reused.
  Re-fixed.
* Signer Engine: Fix ods-signer start (could hang on MacOSX)
* Signer Engine: Mark a zone in progress if in use by one of the tools.
  Prevents multiple tasks being created for the same zone.
* Signer Engine: Dropped records when zone content changed.
* Signer Engine: Drop inherited groups and set additional groups when dropping
  privileges.
* Zone fetcher: Clean up empty files if AXFR failed
* Zone fetcher: Make syslogging RFC-compliant