1.8:

 - New Features:
    - zonesigner, rollerd
                    - Made changes so that these tools are more compatible
                      with recent versions of Bind
                    - The zone_errors configuration parameter allows a zone-
                      specific maximum to be set.  Once exceeded, that zone
                      will be skipped rather than allowing rollover to continue.
    - blinkenlights
                    - Recognizes when rollerd abruptly quits, so error messages
                      aren't spewed interminably.
    - ZonFile::Fast - Fixed parsing of DS records containing spaces and
                      parsing of mname and rname SOA fields
                    - Added support for parsing KEY records
    - keyrec.pm     - Made changes to properly lock keyrec files before
                      writing to them.
                    - Begun process of deprecating keyrec_open().
    - mapper:       - added a new option: --node-size for mapping
                      complex zones.
    - dnspktflow:   - added two new options:
                      --layout-style for selecting the layout style to use
                      --node-size for mapping complex zones.
                    - Add new (default) option to cluster
                      authoritative nodes together to help better
                      understand the relationships between traffic
                      patterns and authoritative name server/zone arrangement.
    - libval:       - Now distributed with the Root TA.
                    - Added stricter checks for openssl SHA-256 support in
                      configure.
                    - Added several improvements that allow the validator to
                      lookup information within provably insecure zones that
                      do not handle EDNS0 requests nicely. This includes
                      adding support for turning off EDNS0 when traversing a
                      name hierarchy that leads to a provably insecure zone,
                      EDNS0 fallback support, and additional checks to check
                      the sanity of response data.
                    - Fixed certain bugs in CNAME handling and in the
                      validation of proofs accompanying wildcard responses,
                      referrals and alias chains.
                    - Fixed support for RSADSA and RSASHA-512 signature
                      validation.
    - Mac OSX:      - Added a Ports file for mac ports
                    - updated the fink build spec

 - many other miscellaneous bug fixes and improvements.

2 files changed, 6 insertions, 7 deletions

diff --git a/security/dnssec-tools/Makefile b/security/dnssec-tools/Makefile
index cec4e2b5060..9faf860d902 100644
--- a/security/dnssec-tools/Makefile
+++ b/security/dnssec-tools/Makefile
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.4 2010/08/21 16:35:35 seb Exp $
+# $NetBSD: Makefile,v 1.5 2011/03/12 20:07:19 pettai Exp $
 #
 
-DISTNAME=	dnssec-tools-1.7
-PKGREVISION=	1
+DISTNAME=	dnssec-tools-1.8
 CATEGORIES=	security
 MASTER_SITES=	http://www.dnssec-tools.org/download/
 
diff --git a/security/dnssec-tools/distinfo b/security/dnssec-tools/distinfo
index 97f4922fded..a9be9aef58f 100644
--- a/security/dnssec-tools/distinfo
+++ b/security/dnssec-tools/distinfo
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.2 2011/01/06 12:10:21 obache Exp $
+$NetBSD: distinfo,v 1.3 2011/03/12 20:07:19 pettai Exp $
 
-SHA1 (dnssec-tools-1.7.tar.gz) = 754ffec89a672673cae2572fdbd5340600101528
-RMD160 (dnssec-tools-1.7.tar.gz) = 851e017aba0f32828e0ecf88c9846ebf765112c3
-Size (dnssec-tools-1.7.tar.gz) = 2151305 bytes
+SHA1 (dnssec-tools-1.8.tar.gz) = 0202ae58f739d7dc3bede4cc5fc56bcaa60919c6
+RMD160 (dnssec-tools-1.8.tar.gz) = 6072fb61cff077b7793768cd742d73ac9e636974
+Size (dnssec-tools-1.8.tar.gz) = 2245452 bytes
 SHA1 (patch-aa) = cf0f806152bf912d9e6d727f66bdb186ec2f55c7
 SHA1 (patch-ab) = 07b5a0dbbca1c41cbb30b19f5a94ec9f8c900c15
 SHA1 (patch-ac) = 582f054f0b4e8c4024d1a327ddf4236e541d4f98