Skip to content

Releases: gravitational/teleport

Teleport 17.2.1

23 Jan 02:15
@camscale camscale
v17.2.1
1d267b0
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
Teleport 17.2.1 Latest
Latest

Description

Security Fixes

  • Improve Azure join validation by verifying subscription ID. #51328

Other Improvements and Fixes

  • Added support for multiple active CAs in tctl auth export. #51375
  • Teleport Connect now shows a resource name in the status bar. #51374
  • Role presets now include default values for github_permissions and the git_server resource kind. github_permissions now supports traits. #51369
  • Fix backwards compatibility error where users were unable to login with Teleport Connect if Connect version is below v17.2.0 with Teleport cluster version v17.2.0. #51368
  • Added wildcard-workload-identity-issuer preset role to improve Day 0 experience with configuring Teleport Workload Identity. #51341
  • Added more granular audit logging surrounding SSH port forwarding. #51325
  • FIxes a bug causing the terraform-provider preset role to not automatically allow newly supported resources. #51320
  • GitHub server resource now shows in Web UI. #51303

Download

Download the current and previous releases of Teleport at https://goteleport.com/download.

Plugins

Download the current release of Teleport plugins from the links below.

labels: security-patch=yes

Assets 2
Loading

Teleport 17.2.0

22 Jan 04:37
@camscale camscale
v17.2.0
43a9972
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
Teleport 17.2.0

Description

Per-session MFA via IdP

Teleport users can now satisfy per-session MFA checks by authenticating with an
external identity provider as an alternative to using second factors registered
with Teleport.

GitHub access

Teleport now natively supports GitHub access allowing users to transparently
interact with GitHub with RBAC and audit logging support.

Oracle Toad client support

Oracle Database Access users can now use the Toad GUI client.

Trusted clusters support for Kubernetes operator

Kubernetes operator users can now create trusted clusters using Kubernetes
custom resources.

Other improvements and fixes

  • Fixed WebAuthn attestation for Windows Hello. #51247
  • Include invited and reason fields in SessionStartEvents. #51175
  • Updated Go to 1.23.5. #51172
  • Fixed client tools auto-updates executed by aliases (causes recursive alias error). #51154
  • Support proxying Git commands for github.com. #51086
  • Assuming an Access Request in Teleport Connect now propagates elevated permissions to already opened Kubernetes tabs. #51055
  • Fixed AWS SigV4 parse errors in app access when the application omits the optional spaces between the SigV4 components. #51043
  • Fixed a Database Service bug where db_service.resources.aws.assume_role_arn settings could affect non-AWS dynamic databases or incorrectly override db_service.aws.assume_role_arn settings. #51039
  • Adds support for defining labels in the web UI Discover flows for single resource enroll (server, AWS and web applications, Kubernetes, EKS, RDS). #51038
  • Added support for using multi-port TCP apps in Teleport Connect without VNet. #51014
  • Fix naming conflict of DynamoDB audit event auto scaling policy. #50990
  • Prevent routing issues for agentless nodes that are created with non-UUID metadata.name fields. #50924
  • Honor the cluster routing strategy when client initiated host resolution via proxy templates or label matching is ambiguous. #50799
  • Emit audit events on access request expiry. #50775
  • Add full SSO MFA support for the WebUI. #50529

Enterprise:

  • Oracle: accept database certificates configuration used by Teleport Connect.

Download

Download the current and previous releases of Teleport at https://goteleport.com/download.

Plugins

Download the current release of Teleport plugins from the links below.

Assets 2
Loading

Teleport 16.4.14

21 Jan 20:48
@camscale camscale
v16.4.14
3553a42
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
Teleport 16.4.14

Description

  • Fixed WebAuthn attestation for Windows Hello. #51248
  • Fixed client tools auto-updates executed by aliases (causes recursive alias error). #51182
  • Include invited and reason fields in SessionStartEvents. #51176
  • Updated Go to 1.22.11. #51137
  • Assuming an Access Request in Teleport Connect now propagates elevated permissions to already opened Kubernetes tabs. #51056
  • Fixed AWS SigV4 parse errors in app access when the application omits the optional spaces between the SigV4 components. #51044
  • Fixed a Database Service bug where db_service.resources.aws.assume_role_arn settings could affect non-AWS dynamic databases or incorrectly override db_service.aws.assume_role_arn settings. #51041
  • Prevent routing issues for agentless nodes that are created with non-UUID metadata.name fields. #50925
  • Honor the cluster routing strategy when client initiated host resolution via proxy templates or label matching is ambiguous. #50800

Enterprise:

  • Okta: Fixed web UI status display for SSO-only integration.

Download

Download the current and previous releases of Teleport at https://goteleport.com/download.

Plugins

Download the current release of Teleport plugins from the links below.

Assets 2
Loading

Teleport 15.4.26

21 Jan 22:56
@camscale camscale
v15.4.26
b9e73d5
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
Teleport 15.4.26

Description

  • Fixed WebAuthn attestation for Windows Hello. #51249
  • Fixed client tools auto-updates executed by aliases (causes recursive alias error). #51183
  • Include invited and reason fields in SessionStartEvents. #51177
  • Updated Go to 1.22.11. #51138
  • Assuming an Access Request in Teleport Connect now propagates elevated permissions to already opened Kubernetes tabs. #51057
  • Fixed AWS SigV4 parse errors in app access when the application omits the optional spaces between the SigV4 components. #51045
  • Fixed a Database Service bug where db_service.resources.aws.assume_role_arn settings could affect non-AWS dynamic databases or incorrectly override db_service.aws.assume_role_arn settings. #51042
  • Prevent routing issues for agentless nodes that are created with non-UUID metadata.name fields. #50926

Download

Download the current and previous releases of Teleport at https://goteleport.com/download.

Plugins

Download the current release of Teleport plugins from the links below.

Assets 2
Loading

Teleport 17.1.6

14 Jan 02:14
@camscale camscale
v17.1.6
b806725
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
Teleport 17.1.6

Description

  • Fix panic in EKS Auto Discovery. #50998
  • Add trusted clusters support to Kubernetes operator. #50995

Download

Download the current and previous releases of Teleport at https://goteleport.com/download.

Plugins

Download the current release of Teleport plugins from the links below.

Assets 2
Loading

Teleport 17.1.5

10 Jan 21:41
@doggydogworld doggydogworld
v17.1.5
ee1532a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
Teleport 17.1.5

Description

  • Fixes an issue causing Azure join method to fail due to throttling. #50928
  • Fix Teleport Connect Oracle support. Requires updated Teleport database agents (v17.1.5+). #50922
  • Prevent quoting errors in log messages. #50821
  • Fixed an issue that could cause teleport event handlers to become stuck in an error loop upon upgrading to v17 (fix requires upgrading auth server). #50820
  • Add user_agent field to db.session.start audit events. #50806
  • Fix an issue "tsh aws ssm start-session" fails when KMS encryption is enabled. #50796
  • Support wider range of Oracle clients and simplified configuration. #50740
  • Added support for multi-port TCP apps to tsh proxy app. #50691

Download

Download the current and previous releases of Teleport at https://goteleport.com/download.

Plugins

Download the current release of Teleport plugins from the links below.

Assets 2
Loading

Teleport 16.4.13

11 Jan 00:00
@doggydogworld doggydogworld
v16.4.13
6377aab
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
Teleport 16.4.13

Description

  • Fixes an issue causing Azure join method to fail due to throttling. #50929
  • Prevent quoting errors in log messages. #50822
  • Fix an issue "tsh aws ssm start-session" fails when KMS encryption is enabled. #50797
  • Updates the UI login redirection service to honor redirection to enterprise/saml-idp/sso path even if user is already authenticated with Teleport. #50794
  • Fixed a Postgres database-access auto-user provisioning syntax error that caused a misleading debug level error log in most cases, unless the database admin is not a superuser and the database was upgraded from Postgres v15 or lower to Postgres v16 or higher, in which case the role "teleport-auto-user" must be granted to the database admin with the ADMIN option manually. #50783
  • Fixes a bug where S3 bucket details fail to fetch due to incorrect bucket region. #50764
  • Prevent panicking during shutdown when SQS consumer is disabled. #50647
  • Add a --labels flag to the tctl tokens ls command. #50625
  • Fix a bug in the tbot Helm chart causing invalid configuration when both default and custom outputs were used. #50527
  • Restore the ability to play session recordings in the web UI without specifying the session duration in the URL. #50461
  • Fix missing roles in Access Lists causing users to be locked out of their account. #50460
  • Fixed an issue that could cause some antivirus tools to block Teleport's Device Trust feature on Windows machines. #50454
  • Reverted a change that caused the Kubernetes cluster name to be displayed at the end of the tab title in Teleport Connect. #50390

Enterprise:

  • Fix missing cleanup actions if the Oracle db connection is closed in its initial phases.
  • Fixed an issue where the Access Graph HTTP endpoint resolution failed to retry after the initial failure.

Download

Download the current and previous releases of Teleport at https://goteleport.com/download.

Plugins

Download the current release of Teleport plugins from the links below.

Assets 2
Loading

Teleport 15.4.25

11 Jan 01:31
@doggydogworld doggydogworld
v15.4.25
79ab18b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
Teleport 15.4.25

Description

  • Prevent quoting errors in log messages. #50823
  • Fix an issue "tsh aws ssm start-session" fails when KMS encryption is enabled. #50798
  • Updates the UI login redirection service to honor redirection to enterprise/saml-idp/sso path even if user is already authenticated with Teleport. #50795
  • Fixed a Postgres database-access auto-user provisioning syntax error that caused a misleading debug level error log in most cases, unless the database admin is not a superuser and the database was upgraded from Postgres v15 or lower to Postgres v16 or higher, in which case the role "teleport-auto-user" must be granted to the database admin with the ADMIN option manually. #50785
  • Fixes a bug where S3 bucket details fail to fetch due to incorrect bucket region. #50765
  • Prevent panicking during shutdown when SQS consumer is disabled. #50646
  • Fix a bug in the tbot Helm chart causing invalid configuration when both default and custom outputs were used. #50528
  • Restore the ability to play session recordings in the web UI without specifying the session duration in the URL. #50462
  • Fixed an issue that could cause some antivirus tools to block Teleport's Device. #50455
  • Updated golang.org/x/net to v0.33.0 (addresses CVE-2024-45338). #50399
  • Improved the performance of Teleport agents serving a large number of resources in Kubernetes. #50281
  • Improve performance of Kubernetes App Auto Discover. #50267
  • Properly close ssh port forwarding connections to prevent requests hanging indefinitely. #50240

Enterprise:

  • Fix missing cleanup actions if the Oracle db connection is closed in its initial phases.
  • Fixed an issue where the Access Graph HTTP endpoint resolution failed to retry after the initial failure.

Download

Download the current and previous releases of Teleport at https://goteleport.com/download.

Plugins

Download the current release of Teleport plugins from the links below.

Assets 2
Loading

Teleport 17.1.4

07 Jan 08:45
@camscale camscale
v17.1.4
db102d9
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
Teleport 17.1.4

Description

  • Fixed a Postgres database-access auto-user provisioning syntax error that caused a misleading debug level error log in most cases, unless the database admin is not a superuser and the database was upgraded from Postgres v15 or lower to Postgres v16 or higher, in which case the role "teleport-auto-user" must be granted to the database admin with the ADMIN option manually. #50782
  • Fixes a bug where S3 bucket details fail to fetch due to incorrect bucket region. #50763
  • Present connection errors to the Web UI terminal during database sessions. #50700

Enterprise:

  • Fix missing cleanup actions if the Oracle db connection is closed in its initial phases.

Download

Download the current and previous releases of Teleport at https://goteleport.com/download.

Plugins

Download the current release of Teleport plugins from the links below.

Assets 2
Loading

Teleport 17.1.3

02 Jan 22:05
@doggydogworld doggydogworld
v17.1.3
9726471
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
Teleport 17.1.3

Description

  • Fixes a bug where v16 Teleport cannot connect to v17.1.0, v17.1.1 and v17.1.2 clusters. #50658
  • Prevent panicking during shutdown when SQS consumer is disabled. #50648
  • Add a --labels flag to the tctl tokens ls command. #50624

Download

Download the current and previous releases of Teleport at https://goteleport.com/download.

Plugins

Download the current release of Teleport plugins from the links below.

Assets 2
Loading