Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release 14.3.33 #48183

Merged
merged 2 commits into from
Oct 30, 2024
Merged

Release 14.3.33 #48183

merged 2 commits into from
Oct 30, 2024

Conversation

camscale
Copy link
Contributor

14.3.33

  • During the Set Up Access of the Enroll New Resource flows, Okta users will be asked to change the role instead of entering the principals and getting an error afterwards. #47959
  • Fixed teleport_connected_resource metric overshooting after keepalive errors. #47951
  • Fixed an issue preventing connections with users whose configured home directories were inaccessible. #47918
  • Auto-enroll may be locally disabled using the TELEPORT_DEVICE_AUTO_ENROLL_DISABLED=1 environment variable. #47718
  • Alter ServiceAccounts in the teleport-cluster Helm chart to automatically disable mounting of service account tokens on newer Kubernetes distributions, helping satisfy security linters. #47701
  • Avoid tsh auto-enroll escalation in machines without a TPM. #47697
  • Postgres database session start events now include the Postgres backend PID for the session. #47645
  • Fixes a bug where Let's Encrypt certificate renewal failed in AMI and HA deployments due to insufficient disk space caused by syncing audit logs. #47623
  • Adds support for custom SQS consumer lock name and disabling a consumer. #47612
  • Include host name instead of host uuid in error messages when SSH connections are prevented due to an invalid login. #47603
  • Allow using a custom database for Firestore backends. #47585
  • Extended Teleport Discovery Service to support resource discovery across all projects accessible by the service account. #47566
  • Fixed a bug that could allow users to list active sessions even when prohibited by RBAC. #47562
  • The tctl tokens ls command redacts secret join tokens by default. To include the token values, provide the new --with-secrets flag. #47547
  • Fixed an issue with the Microsoft license negotiation for RDP sessions. #47544
  • Fixed a bug where tsh logout failed to parse flags passed with spaces. #47461
  • Added kubeconfig context name to the output table of tsh proxy kube command for enhanced clarity. #47381
  • Improve error messaging when connections to offline agents are attempted. #47363
  • Teleport Connect for Linux now requires glibc 2.31 or later. #47264
  • Updates self-hosted db discover flow to generate 2190h TTL certs, not 12h. #47128

Enterprise:

  • Device auto-enroll failures are now recorded in the audit log.

@camscale camscale added the no-changelog Indicates that a PR does not require a changelog entry label Oct 30, 2024
@aws-amplify-us-west-2 AWS Amplify (us-west-2)
Copy link

This pull request is automatically being deployed by Amplify Hosting (learn more).

Access this pull request here: https://pr-48183.d3b94eevwi10ji.amplifyapp.com

@camscale
docs: Add "keepalive" to spelling list
2c110e2 
"keepalives" was already there, we just need the singular for a
changelog entry.
@camscale camscale added this pull request to the merge queue Oct 30, 2024
Merged via the queue into branch/v14 with commit 24f3e89 Oct 30, 2024
42 checks passed
@camscale camscale deleted the release/14.3.33 branch October 30, 2024 23:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@doggydogworld doggydogworld doggydogworld approved these changes

@zmb3 zmb3 zmb3 approved these changes

@tigrato tigrato tigrato approved these changes

Assignees
No one assigned
Labels
backport helm no-changelog Indicates that a PR does not require a changelog entry size/sm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@camscale @tigrato @zmb3 @doggydogworld