Description
This release of Teleport contains one security fix and various other updates
Security Fixes
[Critical] Privilege escalation through RecursiveChown
When using automatic Linux user creation, an attacker could exploit a race condition in the user creation functionality to chown arbitrary files on the system.
Users who aren't using automatic Linux host user creation aren’t affected by this vulnerability.
Other fixes
- Improved error messaging in
tsh kube credentialswhen root cluster roles don't allow Kube access #33227 - Fixed self-signed certificate issue on macOS #33158
- Allow "auth unreachable" error message to be configurable #33039
- Fixed user session tracking across trusted clusters #33019
- Fixed issue causing keys to be incorrectly removed in tsh and Teleport Connect on Windows #32965
- Added connection information to multiplexer logs #32740
- Fixed spurious timeouts in Database Access Sessions #32726
- Fixed a corner case of privilege tokens where MFA devices disabled by cluster settings were still counted against the user #32669
- Fixed multiple discovery install attempts on Azure & GCP VMs #32571
Download
Download the current and previous releases of Teleport at https://goteleport.com/download.