[ANNOUNCE] WireGuard Snapshot `0.0.20191212` Available

Jason A. Donenfeld Jason at zx2c4.com
Thu Dec 12 12:34:58 CET 2019 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello,

A new snapshot, `0.0.20191212`, has been tagged in the git repository.

Please note that this snapshot is a snapshot rather than a final
release that is considered secure and bug-free. WireGuard is generally
thought to be fairly stable, and most likely will not crash your
computer (though it may).  However, as this is a snapshot, it comes
with no guarantees; it is not applicable for CVEs.

With all that said, if you'd like to test this snapshot out, there are a
few relevant changes.

== Changes ==

  * socket: convert to ipv6_dst_lookup_flow for 5.5
  
  WireGuard should now run fine on 5.5-rc1, for folks running pre-release
  kernels. Note that although WireGuard is slated to enter mainline with 5.6
  (thus making 5.5 the last compat-release), the patch in net-next for 5.6 will
  apply evenly over 5.5 as well. The difference between doing that and using
  WireGuard out of the compat-release here is that this one here uses nicer
  crypto primitives. While Frankenzinc has landed, we're still in the process of
  getting some remaining primitives upstream so that functionality is paired. In
  otherwords, it's now an iterative process to transform Frankenzinc back into
  Zinc proper. So until then, I'd recommend sticking with this repo like usual,
  and waiting for 5.6 to start using it in tree, which is the release at which
  WireGuard will be in Linus' tree anyway.
  
  * compat: support building for RHEL-8.1 instead of RHEL-8.0
  
  Please send an email if you're still experiencing build problems on RHEL or
  CentOS.
  
  * wg-quick: linux: add support for nft and prefer it
  
  There was a long mailing list discussion about this. The conclusion is here:
  https://lists.zx2c4.com/pipermail/wireguard/2019-December/004763.html
  
  * wg-quick: linux: support older nft(8)
  
  We can't use all the niceties of modern nft(8) because many distros still ship
  old tools. Hopefully this will be the only old-nft(8)-enabling commit; it took
  many more tries with iptables(8) to get it working everywhere.
  
  * global: fix up spelling
  * main: remove unused include <linux/version.h>
  
  House keeping.

This snapshot contains commits from: Jason A. Donenfeld, YueHaibing, Sergey 
Ivanov, and Josh Soref.

As always, the source is available at https://git.zx2c4.com/WireGuard/ and
information about the project is available at https://www.wireguard.com/ .

This snapshot is available in compressed tarball form here:
  https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20191212.tar.xz
  SHA2-256: b0d718380f7a8822b2f12d75e462fa4eafa3a77871002981f367cd4fe2a1b071
  BLAKE2b-256: 227bb8f54e9dc5e3d3f394c878054b6d377c9ae58f0bb5959477357843d70322

A PGP signature of that file decompressed is available here:
  https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20191212.tar.asc
  Signing key: AB9942E6D4A4CFC3412620A749FC7012A5DE03AE

If you're a snapshot package maintainer, please bump your package version. If
you're a user, the WireGuard team welcomes any and all feedback on this latest
snapshot.

Finally, WireGuard development thrives on donations. By popular demand, we
have a webpage for this: https://www.wireguard.com/donations/

Thank you,
Jason Donenfeld


-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEEq5lC5tSkz8NBJiCnSfxwEqXeA64FAl3yJcsQHGphc29uQHp4
MmM0LmNvbQAKCRBJ/HASpd4DrmoPEADb0HjoMuoWiqja8jaR2WKfGtaLRdT32If8
kOPGDMu5jGRTfb3kuMV0QEMfd4IzAQ9vEkKttRGhTBushOFAEMwU0d6Vlx8KKQOY
P85dac8wxWWamVmEbmS6HweyfZPCIp2kHZWWybsjpglBgM3Ak8F6XpZqOctaMVXt
pX7TXbPydI547ZDZV9byg2r8DeV47bToneyGu3H6mFMydVc+ZwImjKYB5inxORL+
SxUbCZUlRJxTGUlgELI/mQfW070yy8CKn4UtP3RKIJtwOgFaZpOYTEvBu7M9Fijm
RQ/A0jzaDmmHA+VUBqRI/uz0oQfDMXH5CQ9xD2X4qWJ3ucHVd/Fif+FPYaleQ2uC
gvPYleiPhqfETQqrEq/SthT4P1Aq9XlwdMgnL8785/7Eqx2Z4m859Y2ol9Eyn/pZ
9lsa++Y4PlENrOzRfqkad/J2RzSq0UI/7fbz/pJ7mZxHAd6J8fJQyX+2vJILqbZP
WDu14EsmaxB3y5BZSGGQpmLdeklr/i/0H9ytmcxea9Vq8/8rWCMST/1TbhuBUVX7
Wp4hPpfJ1U7ACKpqy/JlDDt8HFbS7Ycl4+SoMELLuYqNctTRJaNWOen58VnqyVyB
sM1Zv0O8HOfXkaXCJgxNiwctUJpbtFZAoXcFzrRWUksITPsx233+9fjIikU44U1p
6bhyjIgGhw==
=EfM3
-----END PGP SIGNATURE-----

More information about the WireGuard mailing list