------------------------------------------------------------------- Mon Nov 24 14:37:53 UTC 2025 - Hillwood Yang - Update version to 2025.11.1 * bump coredns to solve CVE * add vulncheck to cloudflared * Remove references to cloudflare-go * Add logging format as JSON * Centralize UDP origin proxy dialing as ingress service * Add virtual DNS service * Add OriginDialerService to include TCP * Add --dns-resolver-addrs flag * Remove P256Kyber768Draft00PQKex curve from nonFips curve preferences * Bump go-boring from 1.24.2 to 1.24.4 * Add metrics for virtual DNS origin * set proper url and hostname for cloudflared tail command * Add support for login interstitial auto closure * update fed callback url for login helper * Correct QUIC connection management for datagram handlers * Set endpoint in tunnel credentials when generating locally managed tunnel with a Fed token * Migrate cloudflared-ci pipelines to Gitlab CI * Add support for FedRAMP in originRequest Access config * Add buffers for UDP and ICMP datagrams in datagram v3 * Add write deadline for UDP origin writes * Improve metrics for datagram v3 * Force usage of go-boring 1.24 * Fix import of GPG keys when two keys are provided * Fix parameter order when uploading RPM .repo file to R2 * Add new datagram v3 feature flag * Bump datagram v3 write channel capacity * Fix upload of RPM repo file during double signing * Fix the cloudflared binary path used in the component test * Fix typo causing r2-release-next deployment to fail * Update from go1.24.6 to go1.24.9 * Fix systemd service installation hanging * Add cf-proxy-* to control response headers * Add pipelines for linux packaging * Prefix gitlab steps with operating system * Fix docker hub push step - Add update-crypto.patch, update crypto to 0.45 to fix CVE issues * Fix CVE-2025-58181 boo#1253918 * Fix CVE-2025-22869 boo#1239422 ------------------------------------------------------------------- Wed Jun 11 12:10:55 UTC 2025 - Hillwood Yang - Update version to 2025.6.0 * Remove dynamic reloading of features for datagram v3 * Add metric for unsupported RPC commands for datagram v3 * Add dynamic loading of features to connections via ConnectionOptionsSnapshot * Use is_default_network instead of is_default to create vnet's * Update go to 1.24 ------------------------------------------------------------------- Sun May 4 11:37:40 UTC 2025 - Hillwood Yang - Update version to 2025.4.2 * emit explicit errors for the service command on unsupported OSes * Fix some issues - Drop update-vendor.patch and reproducible.patch ------------------------------------------------------------------- Sat Dec 14 11:40:38 UTC 2024 - Hillwood Yang - Update version to 2024.12.1 * TUN-8748: Migrated datagram V3 flows to use migrated context * TUN-8737: update metrics server port selection * TUN-8731: Implement diag/system endpoint * TUN-8728: implement diag/tunnel endpoint * TUN-8730: implement diag/configuration * TUN-8735: add managed/local log collection * TUN-8733: add log collection for docker * TUN-8734: add log collection for kubernetes * TUN-8640: Refactor ICMPRouter to support new ICMPResponders * TUN-8729: implement network collection for diagnostic procedure * TUN-8727: implement metrics, runtime, system, and tunnelstate in diagnostic http client * TUN-8726: implement compression routine to be used in diagnostic procedure * TUN-8732: implement port selection algorithm * TUN-8762: fix argument order when invoking tracert and modify network info output parsing * TUN-8769: fix k8s log collector arguments * TUN-8727: extend client to include function to get cli configuration and tunnel configuration * TUN-8725: implement diagnostic procedure * TUN-8767: include raw output from network collector in diagnostic zip file * TUN-8770: add cli configuration and tunnel configuration to diagnostic zipfile * TUN-8768: add job report to diagnostic zipfile * TUN-8775: Make sure the session Close can only be called once * TUN-8781: Add Trixie, drop Buster. Default to Bookworm * TUN-8640: Add ICMP support for datagram V3 * TUN-8789: make python package installation consistent * TUN-8795: update createrepo to createrepo_c to fix the release_pkgs.py script - Add update-vendor.patch, fix CVE-2024-45337 and boo#1234582 ------------------------------------------------------------------- Mon Nov 25 14:30:18 UTC 2024 - Hillwood Yang - Update version to 2024.11.1 * Add cloudflared tunnel health command * PPIP-2310: Update quick tunnel disclaimer * TUN-8621: Prevent QUIC connection from closing before grace period after unregistering * TUN-8484: Print response when QuickTunnel can't be unmarshalled * TUN-8592: Use metadata from the edge to determine if request body is empty for QUIC transport * TUN-8621: Fix cloudflared version in change notes to account for release date * TUN-8638: Add datagram v3 serializers and deserializers * TUN-8685: Bump coredns dependency * TUN-8688: Correct UDP bind for IPv6 edge connectivity on macOS * TUN-8694: Fix github release script * TUN-8694: Rework release script * TUN-8661: Refactor connection methods to support future different datagram muxing methods * TUN-8692: remove dashes from session id * TUN-8708: Bump python min version to 3.10 * TUN-8667: Add datagram v3 session manager * TUN-8553: Bump go to 1.22.5 and go-boring 1.22.5-1 * TUN-8700: Add datagram v3 muxer * TUN-8646: Allow experimental feature support for datagram v3 * TUN-8641: Expose methods to simplify V3 Datagram parsing on the edge * VULN-66059: remove ssh server tests * TUN-8709: Add session migration for datagram v3 * TUN-8701: Add metrics and adjust logs for datagram v3 * add: new go-fuzz targets * TUN-8701: Simplify flow registration logs for datagram v3 ------------------------------------------------------------------- Fri Sep 13 12:22:21 UTC 2024 - Hillwood Yang - Update version to 2024.9.1 * TUN-8546: Fix final artifacts paths * TUN-8583: change final directory of artifacts * TUN-8585: Avoid creating GH client when dry-run is true * TUN-8591 login command without extra text * TUN-8592: Use metadata from the edge to determine if request body is empty for QUIC transport * TUN-8484: Print response when QuickTunnel can't be unmarshalled * TUN-8621: Prevent QUIC connection from closing before grace period after unregistering * PPIP-2310: Update quick tunnel disclaimer ------------------------------------------------------------------- Mon Aug 5 08:39:46 UTC 2024 - Hillwood Yang - Update version to 2024.7.3 * TUN-8546: Fix final artifacts paths ------------------------------------------------------------------- Tue Jul 30 14:55:59 UTC 2024 - Hillwood Yang - Update version to 2024.7.1 * Add user-agent for quick-tunnel requests * Add default noop logger for capnprpc * cloudflared uses new PQ curve ID * use -p flag to create intermediate directories ------------------------------------------------------------------- Wed Jul 17 10:30:08 UTC 2024 - Bernhard Wiedemann - Add reproducible.patch to not include the build date (boo#1047218) ------------------------------------------------------------------- Mon Jul 8 11:56:05 UTC 2024 - Andreas Schwab - Define GOARCH - Remove 003-support-ppc64le.patch. ------------------------------------------------------------------- Thu Jul 4 13:55:12 UTC 2024 - Hillwood Yang - Add 003-support-ppc64le.patch ------------------------------------------------------------------- Mon Jun 17 07:40:16 UTC 2024 - Hillwood Yang - Initial package for version 2024.6.0 - Add 001-skip-test.patch and 002-use-pie.patch