v1.66.0
We recommend updating all Tailscale clients to v1.66.0 or later to benefit from additional security improvements.
All platforms
- Implemented client-side quarantining for shared-in exit nodes, as a mitigation for a security vulnerability described in TS-2024-005.
Linux
- Use the --stateful-filtering flag for the tailscale up to enable stateful filtering for subnet routers and exit nodes, as a mitigation for a security vulnerability described in TS-2024-005.
- Note: This change can break existing setups that depend on forwarding connections from external hosts (internet, LAN, Docker containers, etc.) into the tailnet through a Tailscale node. If your setup depends on such forwarding, you can disable stateful filtering with the tailscale up --stateful-filtering=false command.
- Use tab completion to type the first few letters of a Tailscale CLI command, flag, or arguments, followed by the tab key to complete the item being typed. Set up tab completion by using the tailscale completion command.
- Use the tailscale exit-node suggest command to automatically pick an available exit node that is likely to perform best.
- Site-to-site networking now also requires --stateful-filtering=false in addition to --snat-subnet-routes=false on new subnet routers. Existing subnet routers with --snat-subnet-routes=false will default to --stateful-filtering=false.
macOS
- View a suggested exit node in the Exit Node picker when available.
- Generate a macOS Configuration Report .txt file from the Bug Report view to help the Tailscale support team diagnose issues.
- Improved error detection logic warns the user when a version mismatch is detected between the Tailscale client GUI and the network extension.
iOS
- See direct vs. relayed connections in the Ping view.
- View a suggested exit node in the Exit Node picker when available.
- Use auth keys to log in without using the browser.
- Search tagged devices by tag in the Devices list.
- Remove accounts in the Fast User Switching view by using a long press, without having to log out.
- Improved UI experience to log into a custom coordination server like Headscale.
- The Fast User Switching view can now be used when Tailscale is disconnected.
- Improved error detection logic warns the user when a version mismatch is detected between the Tailscale client GUI and the network extension.
- Reduced app launch time.
tvOS
- Manage DNS configuration in the DNS Settings view.
- Generate a bug report identifier by navigating to About Tailscale > Report an issue.
- Improved error detection logic warns the user when a version mismatch is detected between the Tailscale client GUI and the network extension.
Android
- We've rebuilt the Android app from the ground up, adopting a similar design that we've previously rolled out on iOS and using the latest Android best practices.
- Use new status indicators to see at-a-glance insights into node connectivity. Tap on a node to see detailed information.
- See detailed information about resolvers, domains, and routing configurations in a dedicated DNS Settings view.
- See the status of Tailnet lock and node keys.
- Use Fast user switching to switch between two or more logged-in accounts on the same device, without requiring you to re-authenticate.
- Use auth keys to log in without using the browser.
- Manage Android devices in your tailnet using Mobile Device Management (MDM) solutions such as Google Workspace, Microsoft Intune, or TinyMDM, among other tools.
- Accessibility support.
- Use dark mode as an alternative to light mode.
- The Quick Settings tile has been temporarily disabled, pending resolution of an issue.
- More intuitive behavior switching between exit nodes.
- Resolved an issue with LAN access during exit node use.