24.09.002 changelog

24.09.002

Released on 5 September, 2024.

Server

Features

  • Up to this point, Bowtie has only allowed routing via NAT through our controllers. Significant changes have been made to allow preview release of highly-available direct routing via BGP participation at your sites.

    With this change, a previously required kernel module is not necessary in all circumstances. --enable_nat64_kernel_module=false can now be used on controllers where no NAT64 capability is necessary.

  • Controllers now have the ability to selectively block IP addresses or CIDR networks from control plane web access. Reference the web filter documentation for additional information.

Enhancements

  • Updated the base Controller appliance operating system to reflect the latest upstream package updates.

    The table below lists relevant user-facing packages that may impact custom configuration settings on deployed Controllers:

    Package Old Version New Version
    grafana 10.4.4 10.4.6
    grafana-loki 3.0.0 3.1.1
    linux 6.1.96 6.1.104
    prometheus 2.52.0 2.53.1
    promtail 3.0.0 3.1.1

    When upgrading your Controller, please bear the following release notes in mind:

    • This update includes an update from Linux kernel version 6.1.96 to 6.1.104. System services should continue to operate normally across kernel updates, but if you require that the system run on the newer kernel, you should follow-up with any update actions with a system reboot to run on the newer kernel, but this step is not required.

    At the time of writing, a scan of all operating system dependencies yielded no outstanding critical vulnerabilities requiring immediate action.

Fixes

  • Improved Content-Security-Policy handling by proactively caching assets.
  • Addressed an issue that could cause Control Plane web pages to present Content-Security-Policy loading errors resulting in an empty white screen.
  • The Controller Control Plane web interface now has more targeted caching headers set to ensure that the correct assets are used. This bug would manifest as web interface bugs following a Controller version update.
  • The qemu guest agent now runs on all qcow and qcow-efi formats (conditionally upon whether the host is running inside of qemu).

Client

Features

  • A mechanism to limit CPU usage was added.

    This also should help limit runaway logs.

Fixes

  • In Version 24.09.001 a regression occurred in allowing private names to be resolved with some DNS configurations.