The new version with tag 2023_08_18.0af928e includes the following changes:

    0af928e selinux: Fix domain transitions for typical commands pasta might run
    30817fd selinux: Allow pasta_t to read nsfs entries
    9776521 selinux: Add rules for sysctl and /proc/net accesses
    56b8633 selinux: Update policy to fix user/group settings
    6205905 selinux: Fix user namespace creation after breaking kernel change
    0c42326 selinux: Use explicit paths for binaries in file context
    479a9e1 fedora: Install pasta as hard link to ensure SELinux file context match
    5f1fcff tap: Fix format specifier in tap4_is_fragment() warning
    da0aeb9 netlink: Don't propagate host address expiry to the container
    b4f8ffd netlink: Correctly calculate attribute length for address messages
    4b9f4c2 netlink: Remove redundant check on nlmsg_type
    5ed4e03 conf: Demote overlapping port ranges error to a warning
    ae5f6c8 epoll: Use different epoll types for passt and pasta tap fds
    eda4f19 epoll: Split listening Unix domain socket into its own type
    485b5fb epoll: Split handling of listening TCP sockets into their own handler
    e6f81e5 epoll: Split handling of TCP timerfds into its own handler function
    8271a2e epoll: Tiny cleanup to udp_sock_handler()
    05f606a epoll: Split handling of ICMP and ICMPv6 sockets
    d850caa epoll: Fold sock_handler into general switch on epoll event fd
    6a6735e epoll: Always use epoll_ref for the epoll data variable
    3401644 epoll: Generalize epoll_ref to cover things other than sockets
    e26282b tap: Fold reset handling into tap_handler_passt()
    0d870c5 tap: Fold reset handling into tap_handler_pasta()
    548e05f tap: Clean up behaviour for errors on listening Unix socket
    28877b0 tap: Clean up tap reset path
    b2bea00 tap: fix seq->p.count limit
    02b30e7 netlink: Propagate errors for "dup" operations
    5103811 netlink: Propagate errors for "dump" operations
    4d6e9d0 netlink: Always process all responses to a netlink request
    8de9805 netlink: Propagate errors for "set" operations
    a309318 netlink: Add nl_foreach_oftype to filter response message types
    99ddd7c netlink: Split nl_req() to allow processing multiple response datagrams
    8ec757d netlink: Clearer reasoning about the netlink response buffer size
    9d4ab98 netlink: Add nl_do() helper for simple operations with error checking
    282581b netlink: Fill in netlink header fields from nl_req()
    f62600b netlink: Treat send() or recv() errors as fatal
    0a568c8 netlink: Start sequence number from 1 instead of 0
    dee7594 netlink: Make nl_*_dup() use a separate datagram for each request
    576df71 netlink: Explicitly pass netlink sockets to operations
    cfe7509 netlink: Use struct in_addr for IPv4 addresses, not bare uint32_t
    257a6b0 netlink: Split nl_route() into separate operation functions
    eff3bcb netlink: Split nl_addr() into separate operation functions
    e96182e netlink: Split up functionality of nl_link()
    0cf7bf3 tap: Remove unnecessary global tun_ns_fd
    7bc9b66 tap: More detailed error reporting in tap_ns_tun()
    6920add util: Make ns_enter() a void function and report setns() errors
    b15ce5b Use static assertion to verify that union epoll_ref is the right size
    8218d99 Use C11 anonymous members to make poll refs less verbose to use
    649068a Allow C11 code, not just C99 code
    023d684 Revert "MAKE: Fix parallel builds; .o files; .gitignore; new
makedocs"
    cc2a6be MAKE: Fix parallel builds; .o files; .gitignore; new makedocs
    e01759e tap: Explicitly drop IPv4 fragments, and give a warning
    4c98d3b conf: Correct length checking of interface names in conf_ports()
    c4017cc conf: Fix size checking of -I interface name

    https://passt.top/passt/log/?qt=range&q=2023_06_27.289301b..2023_08_18.…

Packages:

- Arch Linux:
  https://www.archlinux.org/packages/extra/x86_64/passt/
  https://archlinuxarm.org/packages/aarch64/passt
  https://archlinuxarm.org/packages/armv7h/passt

- Debian tracker:
  https://tracker.debian.org/pkg/passt

- Copr (CentOS Stream, EPEL, Fedora, Mageia, openSUSE):
  https://copr.fedorainfracloud.org/coprs/sbrivio/passt/build/6317140/
  permanent mirror: https://passt.top/builds/copr/0^20230818.g0af928e/

- Fedora updates:
  https://bodhi.fedoraproject.org/updates/?packages=passt

- Ubuntu tracker:
  https://packages.ubuntu.com/lunar/passt

- Void Linux:
  https://voidlinux.org/packages/?q=passt

- Static builds:
  - Package for other RPM-based distributions, x86_64 only:
    https://passt.top/builds/latest/x86_64/passt-g0af928e-1.x86_64.rpm

  - x86_64 static binaries:
    https://passt.top/builds/latest/x86_64/

  - Debian package, from x86_64 static build:
    https://passt.top/builds/latest/x86_64/passt_0af928e-1_all.deb

-- 
Stefano