------------------------------------------------------------------- Tue Sep 10 08:26:36 UTC 2024 - Richard Rahl - update to 1.9.4: * Support UDP dialing with gVisor * Make some Nebula state programmatically available via control object * Switch internal representation of IPs to netip, to prepare for IPv6 support * Various dependency updates * Fix a bug on big endian hosts, like mips * Fix a rare panic if a local index collision happens * Fix integer wraparound in the calculation of handshake timeouts on 32-bit - build the binaries non statically - remove enable-pie.patch as it's not needed anymore, since we build the binaries manually, not using the Makefile anymore ------------------------------------------------------------------- Fri Jun 7 06:10:38 UTC 2024 - Richard Rahl - update to version 1.9.3: * Initialize messageCounter to 2 instead of verifying later ------------------------------------------------------------------- Mon Jun 3 23:08:15 UTC 2024 - Richard Rahl - update to version 1.9.2: * Ensure messageCounter is set before handshake is complete ------------------------------------------------------------------- Wed May 29 21:39:44 UTC 2024 - Richard Rahl - update to version 1.9.1: * Fixed a potential deadlock in GetOrHandshake ------------------------------------------------------------------- Thu May 16 23:07:47 UTC 2024 - Richard Rahl - update to version 1.9.0: * This release adds a new setting default_local_cidr_any that defaults to true to match previous behavior, but will default to false in the next release (1.10) * Added example service script for OpenRC * The SSH daemon now supports inlined host keys * The SSH daemon now supports certificates with sshd.trusted_cas * Config setting tun.unsafe_routes is now reloadable * Support for the deprecated local_range option has been removed * Remove the TCP round trip tracking metrics, as they never had correct data * Fixed a potential deadlock introduced in 1.8.1 * Fixed support for Linux when IPv6 has been disabled at the OS level * DNS will return NXDOMAIN now when there are no results * Allow :: in lighthouse.dns.host * Capitalization of NotAfter fixed in DNS TXT response * Don't log invalid certificates. It is untrusted data and can cause a large volume of logs ------------------------------------------------------------------- Tue Apr 9 06:08:08 UTC 2024 - Richard Rahl - initial packaging