Skip to content

Releases: gravitational/teleport

Teleport 2.0.6

04 May 00:12
@russjones russjones
v2.0.6
c2c3d20
Compare
Choose a tag to compare
Teleport 2.0.6

Description

Teleport 2.0.6 contains a variety of security fixes. We strongly encourage anyone running Teleport 2.0.0 and above to upgrade to 2.0.6.

The most pressing issues (a phishing attack which can potentially be used to extract plaintext credentials and an attack where an already authenticated user can escalate privileges) can be resolved by upgrading the web proxy. However, however all nodes need to be upgraded to mitigate all vulnerabilities.

Fixes

  • Patch for TLP-01-001 and TLP-01-003: Check redirect.
  • Patch for TLP-01-004: Always check is namespace is valid.
  • Patch for TLP-01-005: Check user principal when joining session.
  • Patch for TLP-01-006 and TLP-01-007: Validate Session ID.
  • Patch for TLP-01-008: Use a fake hash for password authentication if user does not exist.
  • Patch for TLP-01-009: Command injection in scp.
Assets 4
Loading

Teleport 2.1.0 Alpha 4

03 May 22:15
@russjones russjones
v2.1.0-alpha.4
d6e2afb
Compare
Choose a tag to compare
Teleport 2.1.0 Alpha 4 Pre-release
Pre-release 
v2.1.0-alpha.4

Release 2.1.0-alpha.4.
Assets 4
Loading

Teleport 2.0.5

03 May 22:16
@russjones russjones
v2.0.5
4df38ef
Compare
Choose a tag to compare
Teleport 2.0.5

Description

Teleport 2.0.5 contains a variety of security fixes. We strongly encourage anyone running Teleport 2.0.0 and above to upgrade to 2.0.5.

The most pressing issues (a phishing attack which can potentially be used to extract plaintext credentials and an attack where an already authenticated user can escalate privileges) can be resolved by upgrading the web proxy. However, however all nodes need to be upgraded to mitigate all vulnerabilities.

Fixes

  • Patch for TLP-01-001 and TLP-01-003: Check redirect.
  • Patch for TLP-01-004: Always check is namespace is valid.
  • Patch for TLP-01-005: Check user principal when joining session.
  • Patch for TLP-01-006 and TLP-01-007: Validate Session ID.
  • Patch for TLP-01-008: Use a fake hash for password authentication if user does not exist.
  • Patch for TLP-01-009: Command injection in scp.
Assets 4
Loading

Teleport 2.0.4

20 Apr 23:18
@russjones russjones
v2.0.4
ed99094
Compare
Choose a tag to compare
Teleport 2.0.4

Description

v2.0.4 is a maintenance release which contains a variety of bugfixes.

Fixes

Roles created the the Web UI now have node resource. #949

Assets 4
Loading

Teleport 2.0.3

19 Apr 23:59
@russjones russjones
v2.0.3
9b1c319
Compare
Choose a tag to compare
Teleport 2.0.3

Description

v2.0.3 is a maintenance release which contains a variety of bugfixes.

Fixes

  • Execute commands using user's shell. #943
  • Allow users to read their own roles. #941
  • Fix User CA import. #919
  • Role template defaults. #916
  • Skip UserInfo if not provided. #915
Assets 4
Loading

Release Teleport 2.1.0 Alpha 3

17 Apr 19:28
@russjones russjones
v2.1.0-alpha.3
bbc40f3
Compare
Choose a tag to compare
Release Teleport 2.1.0 Alpha 3 Pre-release
Pre-release 
v2.1.0-alpha.3

Release 2.1.0-alpha.3.
Assets 4
Loading

Teleport 2.0.2

17 Apr 19:26
@russjones russjones
v2.0.2
e8faec1
Compare
Choose a tag to compare
Teleport 2.0.2

Description

v2.0.2 is a maintenance release which fixes SSH agent forwarding permissions issues.

Fixes

#936

Assets 4
Loading

Teleport 2.1.0 Alpha 2

13 Apr 19:04
@russjones russjones
v2.1.0-alpha.2
415dea4
Compare
Choose a tag to compare
Teleport 2.1.0 Alpha 2 Pre-release
Pre-release 
Merge pull request #927 from gravitational/rjones/acr-values

Added support for ACR values for OIDC connectors.
Assets 4
Loading

Teleport 2.0.1

11 Apr 18:22
@russjones russjones
v2.0.1
ef0a8ee
Compare
Choose a tag to compare
Teleport 2.0.1

Description

Teleport 2.0.1 is a major new release of Teleport.

Teleport is a modern SSH server for remotely accessing clusters of Linux servers via SSH or HTTPS. It is intended to be used instead of sshd. Teleport enables teams to easily adopt SSH best practices like: certificate-based access, two-factor authentication, session recording and audit, external identity providers, and much more.

New Features

  • Role-based access control (RBAC) (available in Teleport Enterprise).
  • Dynamic configuration: manage resources like Roles and Trusted Clusters at runtime (available in Teleport Enterprise).
  • Native support for DynamoDB back-end for storing cluster state.
  • It is now possible to disable Two-Factor Authentication (2FA).
  • Support for Time-based One-time Password Algorithm (TOTP) for Two-Factor Authentication.
  • New and easy to use framework for implementing secret storage plug-ins.
  • Audit log format has been finalized and documented.
  • Experimental simple file-based secret storage back-end.
  • SSH agent forwarding (available in Teleport Enterprise).
  • Dynamic Roles for external identity providers (available in Teleport Enterprise).
  • Added the ability to map claims to roles for external identity providers (available in Teleport Enterprise).

Improvements

  • Friendlier CLI error messages.
  • Improvements to OpenSSH interoperability including:
    • Host Certificates now contain DNS names as well as Teleport IDs.
    • Corrected export formats for Certificate Authorities.
    • tsh login and tsh agent now support loading keys into external SSH agents.
    • Improvements and fixes for Ansible integration.
  • Server-side enforceable authentication.
  • Enhanced OIDC functionality to support parsing UserInfo for claims information.

Full list of Github Issues

Assets 4
Loading

Teleport 2.0 RC 2

21 Mar 23:57
@russjones russjones
v2.0.0-rc.2
8927397
Compare
Choose a tag to compare
Teleport 2.0 RC 2 Pre-release
Pre-release 
Merge pull request #854 from gravitational/rjones/rc2

Release RC2.
Assets 4
Loading