Skip to content

Releases: zerotier/ZeroTierOne

1.8.2

11 Nov 03:21
a7116bc
Compare
Choose a tag to compare

VERSION 1.8.2

See RELEASE-NOTES.md

1.8.1

28 Oct 18:53
3c7bd65
Compare
Choose a tag to compare

See RELEASE-NOTES.md for changes.

VERSION 1.6.6

22 Sep 17:29
19f3a97
Compare
Choose a tag to compare

This is a patch release incorporating a mitigation against the security issue reported on September 20th, 2021. It's not absolutely required (as the issue was mitigated in our hosted roots) but is highly recommended for all users.

VERSION 1.6.5

30 Apr 20:46
e8f7d5e
Compare
Choose a tag to compare
This is a minor release that fixes some path stability issues and an issue with Windows interface enumeration.

VERSION 1.6.4

17 Feb 16:37
e8390af
Compare
Choose a tag to compare

This version finally fixes the "coma" bug that some users have experienced in 1.6.

VERSION 1.6.3

04 Feb 03:08
7c2066c
Compare
Choose a tag to compare

This version contains a likely fix for a "coma" issue that some users have reported in 1.6.2. Please report any recurrence of this issue with as much detail as possible.

Version 1.6.2

01 Dec 00:36
e440416
Compare
Choose a tag to compare

2020-11-30 -- Version 1.6.2

  • Fix an ARM hardware AES crypto issue (not an exploitable vulnerability).
  • Fix a Linux network leave hang due to a mutex deadlock.

Version 1.6.1

26 Nov 05:51
af705ac
Compare
Choose a tag to compare

2020-11-24 -- Version 1.6.1

This release fixes some minor bugs and other issues in 1.6.0.

  • Fixed a bug that caused IP addresses in the 203.0.0.0/8 block to be miscategorized as not being in global scope.
  • Changed Linux builds to (hopefully) fix LXC and SELinux issues.
  • Fixed unaligned memory access that caused crash on FreeBSD systems on the ARM architecture.
  • Merged CLI options for controlling bonded devices into the beta multipath code.
  • Updated Windows driver with Microsoft cross-signing to fix issues on some Windows systems.

Version 1.6.0

20 Nov 23:56
baeab92
Compare
Choose a tag to compare

Version 1.6.0 is a major release that incorporates back-ported features from the 2.0 branch, which is still under development. It also fixes a number of issues.

New features and improvements (including those listed under 1.5.0):

  • Apple Silicon (MacOS ARM64) native support via universal binary. ZeroTier now requires the very latest Xcode to build.
  • Linux performance improvements for up to 25% faster tun/tap I/O performance on multi-core systems.
  • Multipath support with modes modeled after the Linux kernel's bonding driver. This includes active-passive and active-active modes with fast failover and load balancing. See section 2.1.5 of the manual.
  • DNS configuration push from network controllers to end nodes, with locally configurable permissions for whether or not push is allowed.
  • AES-GMAC-SIV encryption mode, which is both somewhat more secure and significantly faster than the old Salsa20/12-Poly1305 mode on hardware that supports AES acceleration. This includes virtually all X86-64 chips and most ARM64. This mode is based on AES-SIV and has been audited by Trail of Bits to ensure that it is equivalent security-wise.

Bug fixes:

  • Managed route assignment fixes to eliminate missing routes on Linux and what we believe to be the source of sporadic high CPU usage on MacOS.
  • Hang on shutdown issues should be fixed.
  • Sporadic multicast outages should be fixed.

Known remaining issues:

  • AES hardware acceleration is not yet supported on 32-bit ARM, PowerPC (32 or 64), or MIPS (32 or 64) systems. Currently supported are X86-64 and ARM64/AARCH64 with crypto extensions.

1.5.0 (1.6.0-beta1)

08 Oct 22:11
fe1ce88
Compare
Choose a tag to compare
1.5.0 (1.6.0-beta1) Pre-release
Pre-release

2020-10-05 -- Version 1.5.0 (actually 1.6.0-beta1)

Version 1.6.0 (1.5.0 is a beta!) is a significant release that incorporates a number of back-ported fixes and features from the ZeroTier 2.0 tree.

Major new features are:

  • Multipath support with modes modeled after the Linux kernel's bonding driver. This includes active-passive and active-active modes with fast failover and load balancing. See section 2.1.5 of the manual.
  • DNS configuration push from network controllers to end nodes, with locally configurable permissions for whether or not push is allowed.
  • AES-GMAC-SIV encryption mode, which is both somewhat more secure and significantly faster than the old Salsa20/12-Poly1305 mode on hardware that supports AES acceleration. This includes virtually all X86-64 chips and most ARM64. This mode is based on AES-SIV and has been audited by Trail of Bits to ensure that it is equivalent security-wise.

Known issues that are not yet fixed in this beta:

  • Some Mac users have reported periods of 100% CPU in kernel_task and connection instability after leaving networks that have been joined for a period of time, or needing to kill ZeroTier and restart it to finish leaving a network. This doesn't appear to affect all users and we haven't diagnosed the root cause yet.
  • The service sometimes hangs on shutdown requiring a kill -9. This also does not affect all systems or users.
  • AES hardware acceleration is not yet supported on 32-bit ARM, PowerPC (32 or 64), or MIPS (32 or 64) systems. Currently supported are X86-64 and ARM64/AARCH64 with crypto extensions.
  • Some users have reported multicast/broadcast outages on networks lasting up to 30 seconds. Still investigating.

We're trying to fix all these issues before the 1.6.0 release. Stay tuned.