gravitational/teleport v16.1.1

Teleport 16.1.1

on GitHub

Description

• Added option to allow client redirects from IPs in specified CIDR ranges in SSO client logins. #44846
• Machine ID can now be configured to use Kubernetes Secret destinations from the command line using the kubernetes-secret schema. #44801
• Prevent discovery service from overwriting Teleport dynamic resources that have the same name as discovered resources. #44785
• Reduced the probability that the event-handler deadlocks when encountering errors processing session recordings. #44771
• Improved event-handler diagnostics by providing a way to capture profiles dynamically via SIGUSR1. #44758
• Teleport Connect now uses ConPTY for better terminal resizing and accurate color rendering on Windows, with an option to disable it in the app config. #44742
• Fixed event-handler Helm charts using the wrong command when starting the event-handler container. #44697
• Improved stability of very large Teleport clusters during temporary backend disruption/degradation. #44694
• Resolved compatibility issue with Paramiko and Machine ID's SSH multiplexer SSH agent. #44673
• Teleport no longer creates invalid SAML Connectors when calling tctl get saml/<connector-name> | tctl create -f without the --with-secrets flag. #44666
• Fixed a fatal error in tbot when unable to lookup the user from a given UID in containerized environments for checking ACL configuration. #44645
• Fixed Application Access regression where an HTTP header wasn't set in forwarded requests. #44628
• Added Server auto-discovery support for Rocky and AlmaLinux distros. #44612
• Use the registered port of the target host when tsh puttyconfig is invoked without --port. #44572
• Added more icons for guessing application icon by name or by label teleport.icon in the web UI. #44566
• Remove deprecated S3 bucket option when creating or editing AWS OIDC integration in the web UI. #44485
• Fixed terminal sessions with a database CLI client in Teleport Connect hanging indefinitely if the client cannot be found. #44465
• Added application-tunnel service to Machine ID for establishing a long-lived tunnel to a HTTP or TCP application for Machine to Machine access. #44443
• Fixed a regression that caused Teleport Connect to fail to start on Intel Macs. #44435
• Improved auto-discovery resiliency by recreating Teleport configuration when the node fails to join the cluster. #44432
• Fixed a low-probability panic in audit event upload logic. #44425
• Fixed Teleport Connect binaries not being signed correctly. #44419
• Prevented DoSing the cluster during a mass failed join event by agents. #44414
• The availability filter is now a toggle to show (or hide) requestable resources. #44413
• Moved PostgreSQL auto provisioning users procedures to pg_temp schema. #44409
• Added audit events for AWS and Azure integration resource actions. #44403
• Fixed automatic updates with previous versions of the teleport.yaml config. #44379
• Added support for Rocky and AlmaLinux when enrolling a new server from the UI. #44332
• Fixed PostgreSQL session playback not rendering queries line breaks correctly. #44315
• Fixed Teleport access plugin tarballs containing a build directory, which was accidentally added upon v16.0.0 release. #44300
• Prevented an infinite loop in DynamoDB event querying by advancing the cursor to the next day when the limit is reached at the end of a day with an empty iterator. This ensures the cursor does not reset to the beginning of the day. #44275
• The clipboard sharing tooltip for desktop sessions now indicates why clipboard sharing is disabled. #44237
• Prevented redirects to arbitrary URLs when launching an app. #44188
• Added a --skip-idle-time flag to tsh play. #44013
• Added audit events for discovery config actions. #43793
• Enabled Access Monitoring Rules routing with Mattermost plugin. #43601
• SAML application can now be deleted from the Web UI. #4778
• Fixed an Access List permission bug where an access list owner, who is also a member, was not able to add/remove access list member. #4744
• Fixed a bug in Web UI where clicking SAML GCP Workforce Identity Federation discover tile would throw an error, preventing from using the guided enrollment feature. #4720
• Fixed an issue with incorrect yum/zypper updater packages being installed. #4684

Download

Download the current and previous releases of Teleport at https://goteleport.com/download.

Download the current release of Teleport plugins from the links below.

• Slack (Linux amd64)
• Mattermost (Linux amd64)
• Discord (Linux amd64)
• Terraform Provider (Linux amd64 | Linux arm64 | macOS amd64 | macOS arm64 | macOS universal)
• Event Handler (Linux amd64 | macOS amd64)
• PagerDuty (Linux amd64)
• Jira (Linux amd64)
• Email (Linux amd64)
• Microsoft Teams (Linux amd64)