gravitational/teleport v17.7.2

Teleport 17.7.2

on GitHub

Description

• Fixed an issue that could cause some hosts not to register dynamic Windows desktops. #58062
• Improve error message when a User without any MFA devices enrolled attempts to access a resource that requires MFA. #58044
• Add TELEPORT_UNSTABLE_GRPC_RECV_SIZE env var which can be set to overwrite client side max grpc message size. #58028
• Add support for JWT-Secured Authorization Requests to OIDC Connector. #58013
• Fixed an issue that could cause revocation checks to fail in Windows environments. #57879
• Fixed the case where the auto-updated client tools did not use the intended version. #57871
• Fix database PKINIT issues caused missing CDP information in the certificate. #57851
• Device Trust: added required-for-humans mode to allow bots to run on unenrolled devices, while enforcing checks for human users. #57845
• Updated Go to 1.23.12. #57765
• Added the --auth flag to the tctl plugins install scim CLI command to support Bearer token and OAuth authentication methods. #57758
• Fix Alt+Click not being registered in remote desktop sessions. #57756
• Kubernetes Access: kubectl port-forward now exits cleanly when backend pods are removed. #57742
• Kubernetes Access: Fixed a bug when forwarding multiple ports to a single pod. #57737
• Fixed unlink-package during upgrade/downgrade. #57721
• Teleport event-handler now accepts HTTP Status Code 204 from the recipient. This adds support for sending events to Grafana Alloy and newer Fluentd versions. #57681
• Enrich the windows.desktop.session.start audit event with additional certificate metadata. #57678
• Added --force option to tctl workload-identity x509-issuer-overrides sign-csrs to allow displaying the output of partial failures, intended for use in clusters that make use of HSMs. #57661
• Tctl top can now display raw prometheus metrics. #57634
• Fixed access denied error messages not being displayed in the Teleport web UI PostgreSQL client. #57569
• Use the bot details page to view and edit bot configuration, and see active instances with their upgrade status. #57543
• Fix a bug in the default discovery script that can happen discovering instances whose PATH doesn't contain /usr/local/bin. #57531
• Fix a race condition in the Terraform Provider potentially causing "does not exist" errors the following resources: auth_preference, autoupdate_config, autoupdate_version, cluster_maintenance_config, cluster_network_config, and session_recording_config. #57528
• Fix a Terraform provider bug causing resource creation to be retried more times than the MaxRetries setting. #57528
• Make it easier to identify Windows desktop certificate issuance on the audit log page. #57520
• Fix a bug in the TF provider happening when autoupdate_version or autoupdate_config have non-empty metadata. #57517
• Fix a bug on Windows where a forwarded SSH agent would become dysfunctional after a single connection using the agent. #57512
• Machine and Workload ID: Add experimental implementation of new bound_keypair join method for improved bot joining in on-prem environments. #55037

Download

Download the current and previous releases of Teleport at https://goteleport.com/download.

Plugins

Download the current release of Teleport plugins from the links below.

• Slack Linux amd64 | Linux arm64
• Mattermost Linux amd64 | Linux arm64
• Discord Linux amd64 | Linux arm64
• Terraform Provider Linux amd64 | Linux arm64 | macOS amd64 | macOS arm64 | macOS universal
• Event Handler Linux amd64 | Linux arm64 | macOS amd64
• PagerDuty Linux amd64 | Linux arm64
• Jira Linux amd64 | Linux arm64
• Email Linux amd64 | Linux arm64
• Microsoft Teams Linux amd64 | Linux arm64