Gravitational Teleport v9.3.9 Release Notes
-
π This release of Teleport contains a security fix, as well as multiple improvements and bug fixes.
Auth bypass in Moderated Sessions
When checking a userβs roles prior to starting a session, Teleport may have incorrectly allowed a session to proceed without moderation depending on the order roles are received from the backend.
π Other improvements and fixes
- π Fixed issue with per-session MFA swallowing keypresses. #13822
- π Fixed issue with
tsh db ls -R
now showing allowed users. #13626 - π Fixed vertical and horizontal scroll in desktop access. #13905
- π Fixed issue with invalid query filters forcing
tsh
relogin. #13747 - π Fixed issue with TLS routing and proxy jump. #13928
- π Fixed issue with MongoDB connections timing out in certain scenarios. #13859
- π Fixed issue with Machine ID certificate renewal with empty requested roles. #13893
- π Fixed issue with Windows desktops not being labeled with LDAP attribute labels. #13681
- π Fixed issue with desktop access streaming not being terminated properly. #14024
- Added ability to use FIPS endpoints for S3 and DynamoDB using
use_fips_endpoint
connection option. #13703 - β Added ability to specify CA pin as a file path in the config. #13089
- π Improved reconnect reliability after root proxy restart. #13967
- π Improved error messages for failed auth client connections. #13835