@@ -7,6 +7,74 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
77
88## [ Unreleased]
99
10+ ## [ 1.9.0] - 2024-05-07
11+
12+ ### Deprecated
13+
14+ - This release adds a new setting ` default_local_cidr_any ` that defaults to
15+ true to match previous behavior, but will default to false in the next
16+ release (1.10). When set to false, ` local_cidr ` is matched correctly for
17+ firewall rules on hosts acting as unsafe routers, and should be set for any
18+ firewall rules you want to allow unsafe route hosts to access. See the issue
19+ and example config for more details. (#1071 , #1099 )
20+
21+ ### Added
22+
23+ - Nebula now has an official Docker image ` nebulaoss/nebula ` that is
24+ distroless and contains just the ` nebula ` and ` nebula-cert ` binaries. You
25+ can find it here: https://hub.docker.com/r/nebulaoss/nebula (#1037 )
26+
27+ - Experimental binaries for ` loong64 ` are now provided. (#1003 )
28+
29+ - Added example service script for OpenRC. (#711 )
30+
31+ - The SSH daemon now supports inlined host keys. (#1054 )
32+
33+ - The SSH daemon now supports certificates with ` sshd.trusted_cas ` . (#1098 )
34+
35+ ### Changed
36+
37+ - Config setting ` tun.unsafe_routes ` is now reloadable. (#1083 )
38+
39+ - Small documentation and internal improvements. (#1065 , #1067 , #1069 , #1108 ,
40+ #1109 , #1111 , #1135 )
41+
42+ - Various dependency updates. (#1139 , #1138 , #1134 , #1133 , #1126 , #1123 , #1110 ,
43+ #1094 , #1092 , #1087 , #1086 , #1085 , #1072 , #1063 , #1059 , #1055 , #1053 , #1047 ,
44+ #1046 , #1034 , #1022 )
45+
46+ ### Removed
47+
48+ - Support for the deprecated ` local_range ` option has been removed. Please
49+ change to ` preferred_ranges ` (which is also now reloadable). (#1043 )
50+
51+ - We are now building with go1.22, which means that for Windows you need at
52+ least Windows 10 or Windows Server 2016. This is because support for earlier
53+ versions was removed in Go 1.21. See https://go.dev/doc/go1.21#windows (#981 )
54+
55+ - Removed vagrant example, as it was unmaintained. (#1129 )
56+
57+ - Removed Fedora and Arch nebula.service files, as they are maintained in the
58+ upstream repos. (#1128 , #1132 )
59+
60+ - Remove the TCP round trip tracking metrics, as they never had correct data
61+ and were an experiment to begin with. (#1114 )
62+
63+ ### Fixed
64+
65+ - Fixed a potential deadlock introduced in 1.8.1. (#1112 )
66+
67+ - Fixed support for Linux when IPv6 has been disabled at the OS level. (#787 )
68+
69+ - DNS will return NXDOMAIN now when there are no results. (#845 )
70+
71+ - Allow ` :: ` in ` lighthouse.dns.host ` . (#1115 )
72+
73+ - Capitalization of ` NotAfter ` fixed in DNS TXT response. (#1127 )
74+
75+ - Don't log invalid certificates. It is untrusted data and can cause a large
76+ volume of logs. (#1116 )
77+
1078## [ 1.8.2] - 2024-01-08
1179
1280### Fixed
@@ -558,7 +626,8 @@ created.)
558626
559627- Initial public release.
560628
561- [ Unreleased ] : https://github.com/slackhq/nebula/compare/v1.8.2...HEAD
629+ [ Unreleased ] : https://github.com/slackhq/nebula/compare/v1.9.0...HEAD
630+ [ 1.9.0 ] : https://github.com/slackhq/nebula/releases/tag/v1.9.0
562631[ 1.8.2 ] : https://github.com/slackhq/nebula/releases/tag/v1.8.2
563632[ 1.8.1 ] : https://github.com/slackhq/nebula/releases/tag/v1.8.1
564633[ 1.8.0 ] : https://github.com/slackhq/nebula/releases/tag/v1.8.0
0 commit comments