fleetdm/fleet fleet-v4.63.0

on GitHub

Fleet 4.63.0 (Feb 04, 2025)

Device management (MDM)

• Allowed the delivery of bootstrap packages and software installers using signed URLs from CloudFront CDN. To enable, configured the following server settings:
  • s3_software_installers_cloudfront_url
  • s3_software_installers_cloudfront_url_signing_public_key_id
  • s3_software_installers_cloudfront_url_signing_private_key
• Downgraded the expected or common "BootstrapPackage not found" server error to a debug message. This occurred when the UI or API checked if a bootstrap package existed.
• Removed the arrow icon from the MDM solution table on the dashboard page.

Orchestration

• Added the ability to install VPP apps on policy failure.
• Implemented user-level settings and used them to persist a user's selection of which columns to display on the hosts table.
• Included a host's team-level queries when the user selected a query to target a specific host via the host details page.
• Included osquery pre-releases in the daily UI constant update GitHub Actions job.
• Displayed the correct path for agent options when a key was placed in the wrong object.
• When running a live query from the edit query form, considered the results of the run in calculating an existing query's performance impact if the user did not change the query from the stored version.
• Improved the validation workflow on the SMTP settings page.
• Clarified the expected behavior of policy host counts, dashboard controls software count, and controls OS updates versions count.
• Rendered the default empty value when a host had no UUID.
• Used an email logo compatible with dark modes.
• Improved readability of the success message on email update by never including the sender address.

Software

• Added the ability to install VPP apps on policy failure.
• Allowed filtering of titles by "any of these platforms" in GET /api/v1/fleet/software/titles.
• Added VPP apps to the automatic installation dropdown for failed policies and included auto-install information on the VPP app details page.
• Updated Fleet-maintained app install scripts for non-PKG-based installers to allow the apps to be installed over an existing installation.
• Clarified that editing VPP teams would remove App Store apps available to the team, not uninstall apps from hosts.
• Pushed the correct paths to the URL on the "My device" page when self-service was not enabled for the host.
• Displayed command line installation instructions when a package was generated.
• Added a fallback for extracting the app name from .pkg installers that had default or incorrect title attributes in their distribution file.
• Stopped VPP apps from being removed from teams whenever the VPP token team assignment was updated.
• Improved software installation for failed policies by adding platform-specific filtering in the software dropdown so that only compatible software was displayed based on each policy's targeted platforms.
• Added a timestamp for the software, OS, and vulnerability detail pages for the host count last update time.

Bug fixes and improvements

• Fixed an issue where the vulnerabilities cron failed in large environments due to large SQL queries.
• Fixed two broken links in the setup experience.
• Fixed a UI bug on the "My device" page where the "Software" tab included filter elements that did not match the expected design.
• Fixed a UI bug on the "Controls" page where incorrect timestamp information was displayed while the "Current versions" table was loading.
• Fixed an issue for batch upload of Apple DDM profiles with fleetctl gitops where the activity feed showed a change even when profiles did not actually change.
• Fixed a software name overflow in various modals.
• Fixed form validation behavior on the SSO settings form.
• Fixed MSI parsing for packages that included long interned strings (e.g., licenses for the OpenVPN Connect installer).
• Fixed a software actions dropdown styling bug.
• Fixed an issue where identical MDM commands were sent twice to the same device when the replica database was being used.
• Fixed a redirect when clicking on any column in the Fleet Maintained Apps table.
• Fixed an issue where deleted Apple config profiles were installed on devices because the devices were offline when the profile was added.
• Fixed a CVE-2024-10327 false positive on Fleet-supported platforms (the vulnerability was iOS-only and iOS vulnerability checking was not supported).
• Fixed missing capabilities in the UI for team admins when creating or editing a user by exposing more information from the API for team admins.

Fleet's agent

The following version of Fleet's agent (fleetd) support the latest changes to Fleet:

1. orbit-v1.38.1
2. fleet-desktop-v1.38.1 (included with Orbit)
3. fleetd-chrome-v1.3.1

While newer versions of fleetd still function with older versions of the Fleet server (and vice versa), Fleet does not actively test these scenarios and some newer features won't be available.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for Fleet is available at fleetdm.com/docs.

Binary Checksum

SHA256

f12474fc401d1c707ee5872d63cf7ffff4e8935d01e381b14ce8f6ec0e581981  fleet_v4.63.0_linux.tar.gz
67e3a087c68dd19fa8db1a59749892b19d6e5a48e8eecf78ab0c3039760f2d1f  fleetctl_v4.63.0_linux.tar.gz
77cd43a63ecc2a6effdd28242caeadafa7a390bfff414aab71b73080e42c82cc  fleetctl_v4.63.0_linux.zip
254c59d6f32b5ac7a8978b9e1f33c55c3cbc3cae8892aa2b5b9475f2b419fa3a  fleetctl_v4.63.0_macos.tar.gz
18092bc9c92086d665c61fec640e1e547bb24550f10c4f809449ef3b2cf592c4  fleetctl_v4.63.0_macos.zip
2543c06b02a4d73dcf0ccf97b0bba33f61a3e85d940d2777f1cff62d92d44ec7  fleetctl_v4.63.0_windows.tar.gz
ee0e1c631c5b402eb861bf59e1dc132882111d809e62d113489af55ec767d7da  fleetctl_v4.63.0_windows.zip