Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

tailscale-1.78.3-2.1 RPM for aarch64

From OpenSuSE Ports Tumbleweed for aarch64

Name: tailscale Distribution: openSUSE Tumbleweed
Version: 1.78.3 Vendor: openSUSE
Release: 2.1 Build date: Wed Dec 18 18:33:23 2024
Group: Unspecified Build host: reproducible
Size: 40877482 Source RPM: tailscale-1.78.3-2.1.src.rpm
Packager: http://bugs.opensuse.org
Url: https://github.com/tailscale/tailscale
Summary: The easiest, most secure way to use WireGuard and 2FA
Tailscale is a modern VPN built on top of Wireguard. It works like an overlay
network between the computers of your networks using NAT traversal.

Provides

Requires

License

BSD-3-Clause

Changelog

* Wed Dec 18 2024 Richard Rahl <rrahl0@opensuse.org>
  - add patch fix-CVE-2024-45337.patch, to circumevent a possibility
    of exploiting the golang-x-crypto security hole. (fix #1234506)
* Fri Dec 13 2024 Richard Rahl <rrahl0@opensuse.org>
  - update to 1.78.3:
    * cmd/containerboot: fix nil pointer exception
    * hostinfo: fix testing in container
* Fri Dec 06 2024 Richard Rahl <rrahl0@opensuse.org>
  - update to 1.78.1:
    * health: fix TestHealthMetric
* Thu Dec 05 2024 Richard Rahl <rrahl0@opensuse.org>
  - update to 1.78.0:
    * Client metrics have been added, to provide insights into Tailscale client
      behavior, health, and performance.
    * tailscale metrics command has been added, to expose and collect client
      metrics for use with third-party monitoring systems.
    * tailscale syspolicy command has been added, to list system policies, reload
      system policies, or view errors related to the system policies configured
      on the device.
    * Tailscale system policies are applied immediately when pushed via mobile
      device management (MDM) or Group Policy, without requiring a client restart.
    * Tailscale SSH session recording detects the disappearance of the recorder
      node sooner. This fix addresses a security vulnerability described
      in TS-2024-013.
    * New scopes for OAuth clients have been added with more granular permissions.
      Existing OAuth clients using the previous set of scopes, and keys generated
      using these clients, are still valid.
* Fri Nov 08 2024 Richard Rahl <rrahl0@opensuse.org>
  - update to 1.76.6:
    * Logging for when clients move home DERP regions is improved.
    * Tailscale clients no longer move their home DERP server prematurely in
      response to unusual latency at very specific times.
* Tue Oct 22 2024 Richard Rahl <rrahl0@opensuse.org>
  - update to 1.76.3:
    * no relevant changelog
  - update to 1.76.2:
    * no relevant changelog
  - switch over to the new %{default_fw_backend} macro
  - create old init file only for < leap 16
* Wed Oct 16 2024 Richard Rahl <rrahl0@opensuse.org>
  - update to 1.76.1:
    * tailscale netcheck CLI command no longer crashes when performing diagnostics
      on networks lacking UDP connectivity.
    * Improperly formatted SERVFAIL responses no longer cause DNS timeouts when using an exit node.
    * dbus login sessions no longer fail on systems where /bin/login is missing.
* Mon Oct 14 2024 Alexandre Vicenzi <alexandre.vicenzi@suse.com>
  - Require a firewall backend (boo#1228829)
  - Add simple test check to ensure binaries are working
* Fri Oct 11 2024 Richard Rahl <rrahl0@opensuse.org>
  - update to 1.76.0:
    * Clients lacking UDP connectivity no longer skip performing fallback latency
      measurements with DERP servers.
    * Warnings no longer display unnecessarily.
    * Tailscale connectivity on in-flight internet on airplanes (such as Alaska Airlines) no longer fails.
    * Service-related processes no longer run unnecessarily when services are disabled on the tailnet.
    * Error messages include explanations in addition to the HTTP status code.
    * Tailscale SSH supports sending environment variables to hosts. It's also possible to specify
      permitted environment variables using the acceptEnv field.
    * Tailscale SSH no longer breaks some terminal applications by omitting pixel width and height when
      resizing the application window.
* Sat Sep 21 2024 Eric Torres <eric.torres@its-et.me>
  - Change path of zsh completion file to make zsh properly recognize completions
    * /usr/share/zsh/site-functions/tailscale moved to /usr/share/zsh/site-functions/_tailscale
* Wed Sep 18 2024 Richard Rahl <rrahl0@opensuse.org>
  - update to 1.74.1:
    * wgengine/magicsock: disable raw disco by default; add envknob to enable
* Fri Sep 13 2024 Richard Rahl <rrahl0@opensuse.org>
  - update to 1.74.0
    * AuthKey system policy can be used to authenticate a device with Tailscale using an MDM solution.
    * tailscale dns CLI command is added for accessing Tailscale DNS settings and status.
    * Tailnet Lock long rotation signatures are truncated automatically to avoid excessive growth.
    * Log In option in the client works as expected.
    * TCP generic receive offload (GRO) support is added for improved userspace mode throughput.
    * TCP generic segmentation offload (GSO) is re-introduced for supporting improved userspace mode throughput.
      This was initially introduced in Tailscale v1.72.0 and then rolled back in v1.72.1.
    * Device posture integration with CrowdStrike Falcon can now use MAC addresses to match devices that lack serial numbers.
      When Falcon integration is configured, Device Identity Collection will automatically collect MAC addresses.
* Thu Aug 22 2024 Richard Rahl <rrahl0@opensuse.org>
  - update to 1.72.1:
    * DNS over TCP failures when querying the Tailscale-internal resolver are fixed.
* Wed Aug 21 2024 rrahl0@opensuse.org
  - Update to version 1.72.0:
    * posture: deduplicate MAC addresses before returning them
    * health/dns: reduce severity of DNS unavailable warning
    * safeweb: add Server.Close method
    * go.mod.sri: update SRI hash for go.mod changes
    * go.{mod,sum}: migrate from nhooyr.io/websocket to github.com/coder/websocket
    * cmd/viewer: add support for map-like container types
  - update golang(API) to 1.23
  - export version variables, to circumvent a bug
* Thu Jul 18 2024 Richard Rahl <rrahl0@opensuse.org>
  - update to 1.70.0:
    * New: Restrict recommended and automatically selected exit nodes using the
      new AllowedSuggestedExitNodes system policy. Applies only to platforms that
      support system policies.
    * Changed: Improved NAT traversal for some uncommon scenarios.
    * Changed: Optimized sending firewall rules to clients more efficiently.
    * Fixed: Exit node suggestion CLI command now prints the hostname.
    * Fixed: Taildrive share paths configured through the CLI resolve relative
      to where you run the tailscale command.
* Tue Jul 02 2024 Richard Rahl <rrahl0@opensuse.org>
  - update to 1.68.2:
    * Fixed: Tailnet lock validation of rotation signatures now permits multiple nodes
      signed by the same pre-signed reusable auth key.
* Sun Jun 16 2024 Richard Rahl <rrahl0@disroot.org>
  - update to 1.68.1:
    * Fixed: 4via6 subnet router advertisement works as expected.
    * Fixed: Tailscale SSH access to Security-Enhanced Linux (SELinux) machines works as expected.
  - update to 1.68.0:
    * New: Auto-updates are allowed in containers, but ignore the tailnet-wide default
    * New: Apply auto-updates even if the node is down or disconnected from the coordination server.
    * New: tailscale lock status now prints the node's signature.
* Wed May 22 2024 Richard Rahl <rrahl0@disroot.org>
  - update to 1.66.4:
    * Fixed: Restored UDP connectivity through Mullvad exit nodes
    * Stateful filtering is now off by default
  - update to 1.66.3:
    * Login URLs did not always appear in the console when running tailscale up
    * Starting with v1.66, the Kubernetes operator must always run the same or later version
      as the proxies it manages.
    * Expose cloud services on cluster network to the tailnet, using Kubernetes ExternalName Services
    * Expose tailnet services that use Tailscale HTTPS to cluster workloads
    * Cluster workloads can now refer to Tailscale Ingress resources by their MagicDNS names
    * Configure environment variables for Tailscale Kubernetes operator proxies using ProxyClass CRD
    * Expose tailscaled metrics endpoint for Tailscale Kubernetes operator proxies through ProxyClass CRD
    * Configure labels for the Kubernetes operator Pods with Helm chart values
    * Configure affinity rules for Kubernetes operator proxy Pods with ProxyClass
    * Kubernetes operator proxy init container no longer attempts to enable IPv6 forwarding on systems
      that don't have IPv6 module loaded
    * Tailscale containers running on Kubernetes no longer error if an empty Kubernetes Secret is
      pre-created for the tailscaled state
    * Improved the ambiguous error messages when Tailscale running on Kubernetes does not have the right
      permissions to perform actions against the tailscaled state Secret
* Fri May 10 2024 Richard Rahl <rrahl0@disroot.org>
  - update to 1.66.1:
    * Resolved issues with nftables rules for stateful filtering,
      introduced in v1.66.0.
    * tailscale set command flags --netfilter-mode, --snat-subnet-routes,
      and --stateful-filtering are added.
  - update to 1.66.0:
    * Implemented client-side quarantining for shared-in exit nodes,
      as a mitigation for a security vulnerability described in TS-2024-005.
    * Use the --stateful-filtering flag for the tailscale up to enable stateful filtering for
      subnet routers and exit nodes, as a mitigation for a security vulnerability described
      in TS-2024-005.
    * Added tab completions
    * Use the tailscale exit-node suggest command to automatically pick an available exit node
      that is likely to perform best.
    * Site-to-site networking now also requires --stateful-filtering=false in addition to
    - -snat-subnet-routes=false on new subnet routers. Existing subnet routers with --snat-subnet-routes=false
      will default to --stateful-filtering=false.
  - update to 1.64.2:
    * nothing relevant for linux
  - update to 1.64.1:
    * nothing relevant for linux
  - update to 1.64.0:
    * New: tailscale configure kubeconfig now respects KUBECONFIG environment variable.
    * Fixed: tailscale configure kubeconfig now works with partially empty kubeconfig.
    * Fixed: MSS clamping for Kubernetes operator proxies using nftables.
    * Fixed: Containers on hosts with partial support for ip6tables no longer crash.
  - turn of changelog generation
  - add completions for bash
* Sat Mar 30 2024 Richard Rahl <rrahl0@proton.me>
  - update to 1.62.1:
    * Send load balancing hint HTTP request header
    * Fixed: Kubernetes operator proxies should not accept subnet routes
* Thu Mar 14 2024 rrahl0@proton.me
  - update to 1.62.0:
    * IPv6 support detection in a container environment is improved
    * New: Web interface now uses ACL grants to manage access on tagged devices
    * Tailscale SSH connections now disable unnecessary hostname canonicalization
    * tailscale bugreport command for generating diagnostic logs now contain ethtool information
    * Mullvad's family-friendly server is added to the list of well known DNS over HTTPS (DoH) servers
    * DNS over HTTP requests now contain a timeout
    * TCP forwarding attempts in userspace mode now have a per-client limit
    * Endpoints with link-local IPv6 addresses is preferred over private addresses
    * WireGuard logs are less verbose
    * Go min. version 1.22.1
    * DERP server region no longer changes if connectivity to the new DERP region is degraded
  - update to 1.60.1:
    * Exposing port 8080 to other devices on your tailnet works as expected
* Tue Feb 20 2024 Alexandre Vicenzi <alexandre.vicenzi@suse.com>
  - Add disable-auto-update.patch to prevent auto updates and instead
    ask users to use Zypper to update manually
* Tue Feb 20 2024 Richard Rahl <rrahl0@proton.me>
  - change to the non deprecated manualrun
* Fri Feb 16 2024 alexandre.vicenzi@suse.com
  - Spec cleanup
    * Use tar_scm to avoid commit hashes in the spec
    * Use tailscale build scripts
    * Drop ProtectClock fix for Leap, DeviceAllow fixes it
  - Add build-verbose.patch to get go flags into build log
  - Enable PrivateDevices but allow access to /dev/net/tun in tailscaled.service
* Fri Feb 16 2024 Richard Rahl <rrahl0@proton.me>
  - update to 1.60.0:
    * minimum go version 1.22
    * authentication: present users with a valid login page when
      attempting to login even after leaving device unattended for several days
    * networking: mute noisy peer mtu discovery errors
    * networking: expose gVisor metrics in debug mode
    * port mapper: support legacy "urn:dslforum-org" port mapping services
    * port mapper: fix crash when no support mapping services found
    * ssh: log warning when unable to find SSH host keys
    * serve: improve error message when running as non-root
    * Detect when Tailscale is running on Digital Ocean and automatically
      use Digital Ocean's DNS resolvers
    * enable app connectors to install routes for domains that resolve to CNAME
      records
    * support pre-configured routes from control server
    * add new read-only mode
    * tailscale status command: fix output formatting Tailnet
      includes location-based exit nodes
    * a new ProxyClass custom resource that allows to provide custom
      configuration for cluster resources that the operator creates
    * ACL tags for the operator can now be configured via Helm chart values
    * routing to Ingress backends that require an exact path without a slash
* Wed Feb 07 2024 Richard Rahl <rrahl0@proton.me>
  - make rpm not overwrite /etc/default/taiscaled
  - defattr everything to root
* Sat Feb 03 2024 Richard Rahl <rrahl0@proton.me>
  - no stripping of binaries
  - add commitID to binaries for upstream
  - add directory for saved configs
* Tue Jan 23 2024 Richard Rahl <rrahl0@proton.me>
  - switch services to manual
  - update to version 1.58.2:
    * Fixed: [App connectors][app-connectors] have improved scheduling
      and merging of route changes under some conditions
    * Fixed: Crash when performing UPnP portmapping on older routers
      with no supported portmapping services
* Fri Jan 19 2024 Richard Rahl <rrahl0@proton.me>
  - update to version 1.58.0:
    * portmap: check the epoch from NAT-PMP & PCP, establish new portmapping if it changes
    * portmap: better handle multiple interfaces
    * portmap: handle multiple UPnP discovery responses
    * increase the number of 4via6 site IDs from 256 to 65,536
    * taildrop: allow category Z unicode characters
    * increased binary size with 1.56 is resolved in 1.58
    * Reduce home DERP flapping when there's still an active connection
    * device web ui: fixed issue when accessing shared devices
    * device web ui: fixed login issue when accessed over https
* Wed Jan 10 2024 Richard Rahl <rrahl0@proton.me>
  - fix an issue with Leap, where ProtectClock prevents to connect to
    /dev/net/tun
* Fri Dec 15 2023 Richard Rahl <rrahl0@proton.me>
  - update to version 1.56.1:
    * Fixed: Web interface redirects to the correct self IP known by source peer
    * Fixed: Usage of slices.Compact from app connector domains list
* Fri Dec 15 2023 Richard Rahl <rrahl0@proton.me>
  - fix version output to what upstream expects
* Wed Dec 13 2023 rrahl0@proton.me
  - Update to version 1.56.0:
    * improve responsiveness under load, especially with bidirectional traffic
    * improve UPnP portmapping
    * add tailscale whois subcommand to observe metadata associated with a Tailscale IP
    * include tailnet name and profile ID in tailscale switch --list to disambiguate
      profiles with common login names
    * improve tailscale web interface for configuring some device settings such as exit nodes,
      subnet routers, and Tailscale SSH
    * improve containerboot to symlink its socket file if possible,
      making the tailscale CLI work without --socket=/tmp/tailscale.sock
    * add support in Kubernetes operator cluster egress for referring to a tailnet service
      by its MagicDNS name
  - Update to version 1.54.1:
    * no relevant updates to the linux version
* Fri Nov 24 2023 Richard Rahl <rrahl0@proton.me>
  - tailscale couldn't connect to /dev/net/tun
* Thu Nov 23 2023 rrahl0@proton.me
  - Update to version 1.54.0:
    * improve throughput substantially for UDP packets over TUN device with recent Linux kernels
  - Update to version 1.52.1:
    * no linux improvements
  - Update to version 1.52.0:
    * tailscale set command flag --auto-update is added to opt in to automatic client updates
    * tailscale serve and tailscale funnel commands are updated for improved usability
    * tailscale update command for manual updates is now in beta
    * Taildrop file transfer displays a progress meter
    * nftables auto-detection is improved when TS_DEBUG_FIREWALL_MODE=auto is used
    * DNS detection of NetworkManager with configured but absent systemd-resolved
    * Taildrop now resumes file transfers after partial transfers are interrupted
    * tailscale up command displays a message about client updates when newer versions are available
    * tailscale status command displays a message about client updates when newer versions are available
    * tailscale cert command renews in the background. The current certificate only displays if it has expired.
* Mon Oct 02 2023 rrahl0@proton.me
  - Update to version 1.50.1:
    * fix bug where serve config could get wiped
    * Funnel support for tsnet apps
    * fix potential crash with UPnP
* Sat Sep 30 2023 rrahl0@proton.me
  - Update to version 1.50.0:
    * Update tailscale{,d} licenses
    * Update Quad9 addresses and references
    * Adds support for Wikimedia DNS using DNS-over-HTTPS
  - Update to version 1.48.1:
    * no relevant updates
  - Update to version 1.48.2:
    * Improvements to Mullvad exit nodes
* Fri Aug 18 2023 Richard Rahl <rrahl0@proton.me>
  - Initial revision

Files

/etc/default/tailscaled
/usr/bin/tailscale
/usr/lib/systemd/system/tailscaled.service
/usr/sbin/tailscaled
/usr/share/doc/packages/tailscale
/usr/share/doc/packages/tailscale/README.md
/usr/share/doc/packages/tailscale/SECURITY.md
/usr/share/licenses/tailscale
/usr/share/licenses/tailscale/LICENSE
/usr/share/licenses/tailscale/PATENTS
/var/lib/tailscale


Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Jan 24 23:52:04 2025