Description
- Fixed bug that caused gRPC connections to be disconnected when their certificate expired even though DisconnectCertExpiry was false. #43292
- Fixed bug where a Teleport instance running only Jamf or Discovery service would never have a healthy
/readyz
endpoint. #43285 - Added a missing
[Install]
section to theteleport-acm
systemd unit file as used by Teleport AMIs. #43258 - Updated
teleport
to skipjamf_service
validation when the Jamf is not enabled. #43170 - Improved log rotation logic in Teleport Connect; now the non-numbered files always contain recent logs. #43163
- Made tsh and Teleport Connect return early during login if ping to proxy service was not successful. #43087
- Added ability to edit user traits from the Web UI. #43070
- Enforce limits when reading events from Firestore to prevent OOM events. #42968
- Fixed an issue Oracle access failed through trusted cluster. #42929
- Fixes errors caused by
dynamoevents
queryStartKey
not being within the [From, To] window. #42914 - Fixed updating groups for Teleport-created host users. #42883
- Update azidentity to v1.6.0 (patches CVE-2024-35255). #42860
- Remote rate limits on endpoints used extensively to connect to the cluster. #42836
- Improved the performance of the Athena audit log and S3 session storage backends. #42796
- Prevented a panic in the Proxy when accessing an offline application. #42787
- Improve backoff of session recording uploads by teleport agents. #42775
- Reduced backend writes incurred by tracking status of non-recorded sessions. #42695
- Fixed listing available DB users in Teleport Connect for databases from leaf clusters obtained through access requests. #42681
- Fixed not being able to logout from the web UI when session invalidation errors. #42654
- Updated OpenSSL to 3.0.14. #42643
- Teleport Connect binaries for Windows are now signed. #42473
- Updated Go to 1.21.11. #42416
- Fix web UI notification dropdown menu height from growing too long from many notifications. #42338
- Disabled session recordings for non-interactive sessions when enhanced recording is disabled. #42321
- Fixed issue where removing an app could make teleport app agents incorrectly report as unhealthy for a short time. #42269
- Fixed a panic in the DynamoDB audit log backend when the cursor fell outside of the [From,To] interval. #42266
- The
teleport configure
command now supports a--node-name
flag for overriding the node's hostname. #42249 - Fixed an issue where mix-and-match of join tokens could interfere with some services appearing correctly in heartbeats. #42188
- Improved temporary disk space usage for session recording processing. #42175
- Fixed a regression where Kubernetes Exec audit events were not properly populated and lacked error details. #42146
- Fix Azure join method when using Resource Groups in the allow section. #42140
- Fixed resource leak in session recording cleanup. #42069
- Reduced memory and cpu usage after control plane restarts in clusters with a high number of roles. #42064
- Fixed the field
allowed_https_hostnames
in the Teleport Operator resources: SAML, OIDC, and GitHub Connector. #42056 - Enhanced error messaging for clients using
kubectl exec
v1.30+ to include warnings about a breaking change in Kubernetes. #41989
Enterprise-Only changes:
- Improved memory usage when reconciling Access Lists members to prevent Out of Memory events when reconciling a large number of Access Lists members.
- Prevented Access Monitoring reports from crashing when large datasets are returned.
- Ensured graceful restart of
teleport.service
after an upgrade.
Download
Download the current and previous releases of Teleport at https://goteleport.com/download.