diff --git a/packaging/rpm/ja4sentinel.spec b/packaging/rpm/ja4sentinel.spec
index 7c0e104..e69a037 100644
--- a/packaging/rpm/ja4sentinel.spec
+++ b/packaging/rpm/ja4sentinel.spec
@@ -1,5 +1,5 @@
 Name:           ja4sentinel
-Version:        1.0.1
+Version:        1.0.2
 Release:        1%{?dist}
 Summary:        JA4 TLS fingerprinting daemon for network monitoring
 License:        MIT
@@ -7,11 +7,11 @@ URL:            https://github.com/your-repo/ja4sentinel
 BuildArch:      x86_64
 
 # Distribution-agnostic dependencies
-# systemd is available on all target distros (CentOS 7, Rocky 8/9/10)
+# systemd is available on all target distros (Rocky 8/9/10, AlmaLinux)
 Requires:       systemd
 # libpcap is required for packet capture (dynamically linked)
-# Version varies by distro: CentOS 7 (1.4.0), Rocky 8/9/10 (1.9.0+)
-Requires:       libpcap >= 1.4.0
+# Version varies by distro: Rocky 8/9/10 (1.9.0+)
+Requires:       libpcap >= 1.9.0
 
 %description
 JA4Sentinel is a Go-based tool for capturing network traffic on Linux servers,
@@ -25,7 +25,7 @@ Features:
 - IP/TCP metadata enrichment
 - Multiple output formats (stdout, file, UNIX socket)
 - Structured JSON logging for systemd/journald
-- Compatible with CentOS 7, Rocky Linux 8/9/10, RHEL
+- Compatible with Rocky Linux 8/9/10, RHEL, AlmaLinux
 
 %prep
 # No source to unpack, binary is pre-built
@@ -114,6 +114,20 @@ fi
 %dir /var/run/ja4sentinel
 
 %changelog
+* Sat Feb 28 2026 JA4Sentinel Team <team@example.com> - 1.0.2-1
+- BREAKING: Drop CentOS 7 support (EOL June 2024), minimum Rocky Linux 8
+- Fix race condition in TLS parser with per-ConnectionFlow mutex
+- Fix memory leak in fragmented ClientHello buffer accumulation
+- Add log file rotation (100MB, 3 backups)
+- Improve UNIX socket reconnection with async queue and exponential backoff
+- Add BPF filter validation (characters, length, balanced parentheses)
+- Secure file permissions (0600 instead of 0644)
+- Add 46 unit tests (capture, output, logging)
+- Enable race detection in test pipeline (go test -race)
+- Increase pcap snaplen from 1600 to 65535 bytes for large TLS handshakes
+- Increase socket timeouts (2s to 5s) with configurable backoff
+- Add named constants for configuration values
+
 * Sat Feb 28 2026 JA4Sentinel Team <team@example.com> - 1.0.1-1
 - Add configurable packet channel buffer size for high-throughput capture
 - Add timestamp field to LogRecord for precise event tracking