|
|
|
|
@ -1,3 +1,102 @@
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sat Sep 14 07:49:25 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
|
|
|
|
|
|
|
|
|
|
- update to 16.3.0:
|
|
|
|
|
* Out-of-band user creation
|
|
|
|
|
- Cluster administrators are now able to configure Teleport's
|
|
|
|
|
ssh_service to ensure that certain host users exist on the
|
|
|
|
|
machine without the need to start an SSH session. #46498
|
|
|
|
|
* Other improvements and fixes
|
|
|
|
|
- Allow the cluster wide ssh dial timeout to be set via
|
|
|
|
|
auth_service.ssh_dial_timeout in the Teleport config file.
|
|
|
|
|
#46507
|
|
|
|
|
- Fixed an issue preventing session joining while host user
|
|
|
|
|
creation was in use. #46501
|
|
|
|
|
- Added tbot Helm chart for deploying a Machine ID Bot into a
|
|
|
|
|
Teleport cluster. #46373
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sat Sep 14 07:37:43 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
|
|
|
|
|
|
|
|
|
|
- update to 16.2.2:
|
|
|
|
|
* Fixed an issue that prevented the Firestore backend from
|
|
|
|
|
reading existing data. #46433
|
|
|
|
|
* The teleport-kube-agent chart now correctly propagates
|
|
|
|
|
configured annotations when deploying a StatefulSet. #46421
|
|
|
|
|
* Fixed regression with Slack notification rules matching on
|
|
|
|
|
plugin name instead of type. #46391
|
|
|
|
|
* Update tsh puttyconfig to respect any defined proxy templates.
|
|
|
|
|
#46384
|
|
|
|
|
* Ensure that additional pod labels are carried over to
|
|
|
|
|
post-upgrade and post-delete hook job pods when using the
|
|
|
|
|
teleport-kube-agent Helm chart. #46232
|
|
|
|
|
* Fix bug that renders WebUI unusable if a role is deleted while
|
|
|
|
|
it is still being in use by the logged in user. #45774
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sat Sep 14 06:35:21 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
|
|
|
|
|
|
|
|
|
|
- update to 16.2.1 (there is no 16.2.0 release):
|
|
|
|
|
* Fixed debug service not being turned off by configuration;
|
|
|
|
|
Connect My Computer in Teleport Connect should no longer fail
|
|
|
|
|
with "bind: invalid argument". #46293
|
|
|
|
|
* Fixed an issue that could result in duplicate session
|
|
|
|
|
recordings being created. #46265
|
|
|
|
|
* Connect now supports bulk selection of resources to create an
|
|
|
|
|
access request in the unified resources view. #46238
|
|
|
|
|
* Added support for the teleport_installer resource to the
|
|
|
|
|
Teleport Terraform provider. #46200
|
|
|
|
|
* Fixed an issue that would cause reissue of certificates to fail
|
|
|
|
|
in some scenarios where a local auth service was present.
|
|
|
|
|
#46184
|
|
|
|
|
* Updated OpenSSL to 3.0.15. #46180
|
|
|
|
|
* Extend Teleport ability to use non-default cluster domains in
|
|
|
|
|
Kubernetes, avoiding the assumption of cluster.local. #46150
|
|
|
|
|
* Fixed retention period handling in the CockroachDB audit log
|
|
|
|
|
storage backend. #46147
|
|
|
|
|
* Prevented Teleport Kubernetes access from resending resize
|
|
|
|
|
events to the party that triggered the terminal resize,
|
|
|
|
|
avoiding potential resize loops. #46066
|
|
|
|
|
* Fixed an issue where attempts to play/export certain session
|
|
|
|
|
recordings would fail with gzip: invalid header. #46035
|
|
|
|
|
* Fixed a bug where Teleport services could not join the cluster
|
|
|
|
|
using iam, azure, or tpm methods when the proxy service
|
|
|
|
|
certificate did not contain IP SANs. #46010
|
|
|
|
|
* Prevent connections from being randomly terminated by Teleport
|
|
|
|
|
proxies when proxy_protocol is enabled and TLS is terminated
|
|
|
|
|
before Teleport Proxy. #45992
|
|
|
|
|
* Updated the icons for server, application, and desktop
|
|
|
|
|
resources. #45990
|
|
|
|
|
* Added eks:UpdateAccessEntry to IAM permissions generated by the
|
|
|
|
|
teleport integration IAM setup command and to the documentation
|
|
|
|
|
reference for auto-discovery IAM permissions. #45983
|
|
|
|
|
* Added ServiceNow support to access request notification routing
|
|
|
|
|
rules. #45965
|
|
|
|
|
* Added PagerDuty support to access request notification routing
|
|
|
|
|
rules. #45913
|
|
|
|
|
* Fixed an issue where host_sudoers could be written to Teleport
|
|
|
|
|
proxy server sudoer lists in Teleport v14 and v15. #45958
|
|
|
|
|
* Prevent interactive sessions from hanging on exit. #45952
|
|
|
|
|
* Fixed kernel version check of Enhanced Session Recording for
|
|
|
|
|
distributions with backported BPF. #45941
|
|
|
|
|
* Added a flag to skip a relogin attempt when using tsh ssh and
|
|
|
|
|
tsh proxy ssh. #45929
|
|
|
|
|
* The hostname where the process is running is returned when
|
|
|
|
|
running tctl get db_services. #45909
|
|
|
|
|
* Add buttons to clear all selected Roles/Reviewers in new Access
|
|
|
|
|
Requests. #45904
|
|
|
|
|
* Fixed an issue WebSocket upgrade fails with MiTM proxies that
|
|
|
|
|
can remask payloads. #45899
|
|
|
|
|
* When a database is created manually (without auto-discovery)
|
|
|
|
|
the teleport.dev/db-admin and
|
|
|
|
|
teleport.dev/db-admin-default-database labels are no longer
|
|
|
|
|
ignored and can be used to configure database auto-user
|
|
|
|
|
provisioning. #45891
|
|
|
|
|
* Add support for non-RSA SSH signatures with imported CA keys.
|
|
|
|
|
#45890
|
|
|
|
|
* Update tsh login and tsh status output to truncate a list of
|
|
|
|
|
roles. #45581
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Aug 9 18:26:17 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
|
|
|
|
|
|
|
|
|
|
|
Ana Guerrero
Git OBS Bridge