Better words (#1497 )

Update CHANGELOG for Nebula v1.9.7
HostInfo.remoteCidr should only be populated with the entire vpn ip address issued in the certificate (#1494 )
2025-11-22 00:15:37 +01:00 · 2025-10-10 10:31:46 -05:00 · 2025-10-07 21:10:16 -05:00 · 2025-10-07 17:35:58 -05:00
1 changed files with 14 additions and 1 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,18 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

 ## [Unreleased]

+## [1.9.7] - 2025-10-10
+
+### Security
+
+- Fix an issue where Nebula could incorrectly accept and process a packet from an erroneous source IP when the sender's
+  certificate is configured with unsafe_routes (cert v1/v2) or multiple IPs (cert v2). (#1494)
+
+### Changed
+
+- Disable sending `recv_error` messages when a packet is received outside the allowable counter window. (#1459)
+- Improve error messages and remove some unnecessary fatal conditions in the Windows and generic udp listener. (#1543)
+
 ## [1.9.6] - 2025-7-15

 ### Added
@@ -687,7 +699,8 @@ created.)

 - Initial public release.

-[Unreleased]: https://github.com/slackhq/nebula/compare/v1.9.6...HEAD
+[Unreleased]: https://github.com/slackhq/nebula/compare/v1.9.7...HEAD
+[1.9.7]: https://github.com/slackhq/nebula/releases/tag/v1.9.7
 [1.9.6]: https://github.com/slackhq/nebula/releases/tag/v1.9.6
 [1.9.5]: https://github.com/slackhq/nebula/releases/tag/v1.9.5
 [1.9.4]: https://github.com/slackhq/nebula/releases/tag/v1.9.4
Author	SHA1	Message	Date
Nate Brown	7c3f533950	Better words (#1497 )	2025-10-10 10:31:46 -05:00
Nate Brown	824cd3f0d6	Update CHANGELOG for Nebula v1.9.7	2025-10-07 21:10:16 -05:00
Nate Brown	9f692175e1	HostInfo.remoteCidr should only be populated with the entire vpn ip address issued in the certificate (#1494 )	2025-10-07 17:35:58 -05:00