Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package nebula for openSUSE:Factory checked in at 2025-12-08 11:54:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/nebula (Old) and /work/SRC/openSUSE:Factory/.nebula.new.1939 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nebula" Mon Dec 8 11:54:23 2025 rev:11 rq:1321349 version:1.10.0 Changes: -------- --- /work/SRC/openSUSE:Factory/nebula/nebula.changes 2025-10-11 22:52:21.566623496 +0200 +++ /work/SRC/openSUSE:Factory/.nebula.new.1939/nebula.changes 2025-12-08 11:55:22.273049268 +0100 @@ -1,0 +2,23 @@ +Sat Dec 6 11:29:27 UTC 2025 - Richard Rahl <[email protected]> + +- Update to version 1.10.0: + * Support for ipv6 and multiple ipv4/6 addresses in the overlay + * Add the ability to mark packets on linux to better target nebula packets in + iptables/nftables + * Add ECMP support for unsafe_routes + * PKCS11 support for P256 keys when built with pkcs11 tag + * default_local_cidr_any now defaults to false + * Improve logging when a relay is in use on an inbound packet + * Avoid fatal errors if rountines is > 1 on systems that <= 1 + * Log a warning if a firewall rule contains an any that negates a more + restrictive filter + * Accept encrypted CA passphrase from an environment variable + * Allow handshaking with any trusted remote + * Log only the count of blocklisted certificate fingerprints instead of the + entire list + * Don't fatal when the ssh server is unable to be configured successfully + * Improve lost packet statistics + * Honor remote_allow_list in hole punch response +- remove patch fix-CVE-2025-22869.patch, fixed upstream + +------------------------------------------------------------------- Old: ---- fix-CVE-2025-22869.patch nebula-1.9.7.tar.gz New: ---- nebula-1.10.0.tar.gz ----------(Old B)---------- Old: * Honor remote_allow_list in hole punch response - remove patch fix-CVE-2025-22869.patch, fixed upstream ----------(Old E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nebula.spec ++++++ --- /var/tmp/diff_new_pack.8NRL05/_old 2025-12-08 11:55:23.213088651 +0100 +++ /var/tmp/diff_new_pack.8NRL05/_new 2025-12-08 11:55:23.217088819 +0100 @@ -1,7 +1,7 @@ # # spec file for package nebula # -# Copyright (c) 2025 SUSE LLC +# Copyright (c) 2025 SUSE LLC and contributors # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: nebula -Version: 1.9.7 +Version: 1.10.0 Release: 0 Summary: A scalable overlay networking tool License: MIT @@ -25,7 +25,6 @@ Source0: %{name}-%{version}.tar.gz Source1: vendor.tar.zst Source2: %{name}.service -Patch0: fix-CVE-2025-22869.patch BuildRequires: git-core BuildRequires: golang-packaging BuildRequires: zstd ++++++ _service ++++++ --- /var/tmp/diff_new_pack.8NRL05/_old 2025-12-08 11:55:23.261090662 +0100 +++ /var/tmp/diff_new_pack.8NRL05/_new 2025-12-08 11:55:23.265090829 +0100 @@ -3,7 +3,7 @@ <service name="tar_scm" mode="manual"> <param name="url">https://github.com/slackhq/nebula.git</param> <param name="scm">git</param> - <param name="revision">refs/tags/v1.9.7</param> + <param name="revision">refs/tags/v1.10.0</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">v(.*)</param> <param name="package-meta">yes</param> ++++++ nebula-1.9.7.tar.gz -> nebula-1.10.0.tar.gz ++++++ ++++ 37181 lines of diff (skipped) ++++++ vendor.tar.zst ++++++ ++++ 164074 lines of diff (skipped)
