* Wed Mar 12 2025 Richard Rahl <rrahl0@opensuse.org>
- add patch fix-CVE-2025-22869.patch, fixes bsc#1239353
* Tue Mar 04 2025 Richard Rahl <rrahl0@opensuse.org>
- update to 1.80.3:
* appc: fix a deadlock in route advertisements
* client/web: fix CSRF handler order in web UI
* Thu Feb 13 2025 Richard Rahl <rrahl0@opensuse.org>
- update to 1.80.2:
* Use ip:country as a geolocation device posture attribute (generally available).
* Thu Feb 06 2025 Richard Rahl <rrahl0@opensuse.org>
- update to 1.80.1:
* net/netmon: add extra panic guard around ParseRIB
* Fri Jan 31 2025 Richard Rahl <rrahl0@opensuse.org>
- update to 1.80.0:
* Hostname system policy is added for overriding the device hostname
configured by the operating system, using an MDM solution.
* Web interface displays a Login button instead of the Reauthenticate button
when adding a new device to your tailnet.
* Tailscale Funnel configuration on devices displays errors when incoming
connections are not permitted and connections are disallowed.
* Connections to a custom coordination server that does not support HTTPS
will no longer fail when a custom port number is specified.
* TLS certificate requests from Let’s Encrypt include the device's DNS name
in the CSR’s SAN extension and set the Common Name field.
* Tailscale Funnel disabled on a device no longer displays enabled in the
admin console.
* GitHub username change automatically updates tailnet name
* 4via6 subnet routers GA
* Auto approvers GA
* Node attributes GA
* Download invoices GA
* Fast user switching GA
* Configuration log streaming integration with S3 buckets GA
* Network flow log streaming integration with S3 buckets GA
* NextDNS profiles per device GA
* GitHub secret scanning
- remove fix-CVE-2024-45337.patch, as it's now included
* Wed Dec 18 2024 Richard Rahl <rrahl0@opensuse.org>
- add patch fix-CVE-2024-45337.patch, to circumevent a possibility
of exploiting the golang-x-crypto security hole. (fix #1234506)
* Fri Dec 13 2024 Richard Rahl <rrahl0@opensuse.org>
- update to 1.78.3:
* cmd/containerboot: fix nil pointer exception
* hostinfo: fix testing in container
* Fri Dec 06 2024 Richard Rahl <rrahl0@opensuse.org>
- update to 1.78.1:
* health: fix TestHealthMetric
* Thu Dec 05 2024 Richard Rahl <rrahl0@opensuse.org>
- update to 1.78.0:
* Client metrics have been added, to provide insights into Tailscale client
behavior, health, and performance.
* tailscale metrics command has been added, to expose and collect client
metrics for use with third-party monitoring systems.
* tailscale syspolicy command has been added, to list system policies, reload
system policies, or view errors related to the system policies configured
on the device.
* Tailscale system policies are applied immediately when pushed via mobile
device management (MDM) or Group Policy, without requiring a client restart.
* Tailscale SSH session recording detects the disappearance of the recorder
node sooner. This fix addresses a security vulnerability described
in TS-2024-013.
* New scopes for OAuth clients have been added with more granular permissions.
Existing OAuth clients using the previous set of scopes, and keys generated
using these clients, are still valid.
* Fri Nov 08 2024 Richard Rahl <rrahl0@opensuse.org>
- update to 1.76.6:
* Logging for when clients move home DERP regions is improved.
* Tailscale clients no longer move their home DERP server prematurely in
response to unusual latency at very specific times.