Teleport 15.4.6
Description
This release of Teleport contains a fix for a medium-level security issue impacting Teleport Enterprise, as well as various other updates and improvements
Security Fixes
[Medium] Fixes issue where a SCIM client could potentially overwrite. Teleport system Roles using specially crafted groups. This issue impacts Teleport Enterprise deployments using the Okta integration with SCIM support enabled.
We strongly recommend all customers upgrade to the latest releases of Teleport.
Other updates and improvements
- Fixed Discover setup access error when updating user. #43561
- Updated Go toolchain to 1.22. #43550
- Fixed remote port forwarding validation error. #43517
- Added support to trust system CAs for self-hosted databases. #43500
- Added error display in the Web UI for SSH and Kubernetes sessions. #43491
- Update
go-retryablehttp
to v0.7.7 (fixes CVE-2024-6104). #43475 - Fixed accurate inventory reporting of the updater after it is removed.. #43453
tctl alerts ls
now displays remaining alert ttl. #43435- Fixed input search for Teleport Connect's access request listing. #43430
- Added
Debug
setting for event-handler. #43409 - Fixed Headless auth for sso users, including when local auth is disabled. #43362
- Added configuration for custom CAs in the event-handler helm chart. #43341
- Fixed an issue with Database Access Controls preventing users from making additional database connections depending on their permissions. #43302
- Fixed Connect My Computer in Teleport Connect failing with "bind: invalid argument". #43288
Enterprise only updates and improvements
- The teleport updater will no longer default to using the global version channel, avoiding incompatible updates.
Download
Download the current and previous releases of Teleport at https://goteleport.com/download.
Plugins
Download the current release of Teleport plugins from the links below.
- Slack (Linux amd64)
- Mattermost (Linux amd64)
- Discord (Linux amd64)
- Terraform Provider (Linux amd64 | Linux arm64 | macOS amd64 | macOS arm64 | macOS universal)
- Event Handler (Linux amd64 | macOS amd64)
- PagerDuty (Linux amd64)
- Jira (Linux amd64)
- Email (Linux amd64)
- Microsoft Teams (Linux amd64)
--
labels: security-patch=yes