github fleetdm/fleet fleet-v4.13.0

latest releases: orbit-v0.0.11, fleet-v4.14.0, orbit-v0.0.10...
one month ago

Changes

Known issues

This release contains an issue with path validation in SSO, resulting in SSO users not able to login following an upgrade from a previous version of Fleet. If you use SSO we recommend installing 4.13.1.

This is a security release.

  • Security: Fix several post-authentication authorization issues. Only Fleet Premium users that
    have team users are affected. Fleet Free users do not have access to the teams feature and are
    unaffected. See the following security advisory for details: GHSA-pr2g-j78h-84cr

  • Improve performance of software inventory on Windows hosts.

  • Add basic​_auth.username and basic_auth.password Prometheus configuration options. The GET /metrics API route is now disabled if these configuration options are left unspecified.

  • Fleet Premium: Add ability to specify a team specific "Destination URL" for policy automations.
    This allows the user to configure Fleet to send a webhook request to a unique location for
    policies that belong to a specific team. Documentation on what data is included the webhook
    request and when the webhook request is sent can be found here on fleedm.com/docs

  • Add ability to see the total number of hosts with a specific macOS version (ex. 12.3.1) on the
    Home > macOS page. This information is also available via the GET /os_versions API route.

  • Add ability to sort live query results in the Fleet UI.

  • Add a "Vulnerabilities" column to Host details > Software page. This allows the user see and search for specific vulnerabilities (CVEs) detected on a specific host.

  • Update vulnerability automations to fire anytime a vulnerability (CVE), that is detected on a
    host, was published to the
    National Vulnerability Database (NVD) in the last 30 days, is detected on a host. In previous
    versions of Fleet, vulnerability automations would fire anytime a CVE was published to NVD in the
    last 2 days.

  • Update the Policies page to ask the user to wait to see accurate passing and failing counts for new and recently edited policies.

  • Improve API-only (integration) users by removing the requirement to reset these users' passwords
    before use. Documentation on how to use API-only users can be found here on fleetdm.com/docs.

  • Improve the responsiveness of the Fleet UI by adding tablet screen width support for the Software,
    Queries, Schedule, Policies, Host details, Settings > Teams, and Settings > Users pages.

  • Add Beta support for integrating with Jira to automatically create a Jira issue when a
    new vulnerability (CVE) is detected on a host in Fleet.

  • Add Beta support for Fleet Desktop on Windows. Fleet Desktop allows the device user to see
    information about their device. To add Fleet Desktop to a Windows device, first add the
    --fleet-desktop flag to the fleectl package command to generate a Fleet-osquery installer that
    includes Fleet Desktop. Then, open this installer on the device.

  • Fix a bug in which downloading Fleet's vulnerability database failed if the destination directory specified
    was not in the tmp/ directory.

  • Fix a bug in which the "Updated at" time was not being updated for the "Mobile device management
    (MDM) enrollment" and "Munki versions" information on the Home > macOS page.

  • Fix a bug in which Fleet would consider Docker network interfaces to be a host's primary IP address.

  • Fix a bug in which tables in the Fleet UI would present misaligned buttons.

  • Fix a bug in which Fleet failed to connect to Redis in standalone mode.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for Fleet is available at fleetdm.com/docs.

Binary Checksum

SHA256

07a377b78a973192d8eb5380d3effb6323f08700a44a6bf9da0f7906bd71eb7c  fleetctl_v4.13.0_windows.tar.gz
36c59106d083476396983a44c53f06d91107cafb1ec08943a30a2385ec4b55b1  fleetctl_v4.13.0_linux.tar.gz
41580e1696c25e12ab882d5d40cd28b3947f131870da9c897ddf93304eb10015  fleetctl_v4.13.0_windows.zip
7a861552e6687364def9c55478d626e3da9a56ecf37ec978a17f9f8d77471522  fleet_v4.13.0_linux.tar.gz
3b97db442762a8c7acbdc8949b42637cb3f1c830b623e0d368b54fadd150b68b  fleetctl_v4.13.0_macos.tar.gz
0da2cfd4936c5e359c3e4347ef7214cbf5543f3c0e1e621a59bf146531f0cf06  fleetctl_v4.13.0_macos.zip
daaddb3837c3bbfd68881756c56725fddd3320469efb69e9fcc41cd6c17cd568  fleetctl_v4.13.0_linux.zip

Don't miss a new fleet release

NewReleases is sending notifications on new releases.