Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package teleport for openSUSE:Factory
checked in at 2023-10-25 18:03:09
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/teleport (Old)
and /work/SRC/openSUSE:Factory/.teleport.new.24901 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "teleport"
Wed Oct 25 18:03:09 2023 rev:80 rq:1120145 version:14.1.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/teleport/teleport.changes 2023-10-19
22:53:35.896095697 +0200
+++ /work/SRC/openSUSE:Factory/.teleport.new.24901/teleport.changes
2023-10-25 18:04:01.752877654 +0200
@@ -1,0 +2,587 @@
+Tue Oct 24 14:15:31 UTC 2023 - ka...@b1-systems.de
+
+- Update to version 14.1.1:
+ * Release 14.1.1 (#33843)
+ * [v14] Align titles in the introduction to topic sections,
+ modify Desktop Access reference (#33826)
+ * fix order (#33775)
+ * [v14] Add headless mode to 'tsh proxy kube' (#33783)
+ * Fix the top bar going outside the window (#33821)
+ * docs: update local windows getting started to include all
+ scopes (#33818)
+ * Fix d3-color@3.1.0 breaking tests (#33813)
+ * [v14] docs: reword tctl instructions (#33812)
+ * Check if resource exists before making sort keys to delete
+ (#33766)
+ * [v14] [docs] Automatic user provisioning for MySQL (#33745)
+ * Manually fire OpInit in NodeJoinWait test (#33692)
+ * docs: fix YAML syntax for Grafana header rewrite (#33780)
+ * Machine ID Docs Refactor (#31259) (#33714)
+ * docs: Update service type for ACM deployments in Enterprise
+ (#33774)
+ * Update Jest to v29 and use custom env to expose TextEncoder &
+ TextDecoder (#33741)
+ * Always use lowercase when pinning resources (#33765)
+ * [v14] snowflake/http: Limit Decompressed Request to 10MB
+ (#33764)
+ * Add MySQL auto-user deletion (#33520) (#33710)
+ * remove preview from directory sharing button (#33757)
+ * [v14] Add an Access Request configuration guide (#33756)
+ * Pin d3-color version to ^3.1.0 (#33760)
+ * Remove "Preview" from Resource Access Request page (#33664)
+ * test(db): simplify active connections tests setup (#32923)
+ (#33686)
+ * Upgrade Vite + Vite dependencies (#33566)
+ * Minor docs typo fix (#33589)
+ * Bump rustix from 0.36.5 to 0.36.16 (#33707)
+ * Extend rsync command timeout in tests. (#33673)
+ * Clean up a few log entries (#33644)
+ * Update Node.js to 18.18.2 (#33521) (#33624)
+ * [v14] include url and saml connector name in entity descriptor
+ url errors (#33667)
+ * Extend test timeouts. (#33617)
+ * bump docs to 13.4.3 (#33700)
+ * [docs] add missing database matchers for discovery config
+ reference (#33694)
+ * docs: mention support for multiple AD domains (#33332)
+ * [auto] docs: Update version to v14.1.0 (#33680)
+ * [v14] DiscoveryConfig: WebAPI CRUD (#33380)
+ * [v14] Configure Connect to intercept deep link clicks (#33684)
+ * Update synchronization period in Okta docs. (#33638)
+ * [v14] Add the ability to run a specific tool to Assist.
+ (#33640)
+ * Remove access list from unified watcher (#33685)
+ * Add PostgreSQL auto-user deletion (#32792) (#33570)
+ * [v14] Add docs for Connect My Computer (#33149)
+
+-------------------------------------------------------------------
+Tue Oct 24 14:01:09 UTC 2023 - ka...@b1-systems.de
+
+- Update to version 14.1.0:
+ Security fixes
+ * Updated golang.org/x/net dependency. #33420
+ - swift-nio-http2 vulnerable to HTTP/2 Stream Cancellation
+ Attack: CVE-2023-44487
+ * Updated google.golang.org/grpc to v1.57.1. #33487
+ - swift-nio-http2 vulnerable to HTTP/2 Stream Cancellation
+ Attack: CVE-2023-44487
+ * Updated OpenTelemetry dependency. #33523 #33550
+ - OpenTelemetry-Go Contrib vulnerable to denial of service in
+ otelhttp due to unbound cardinality metrics: CVE-2023-45142
+ * Updated babel/core to 7.3.2. #33441
+ - Arbitrary code execution when compiling specifically crafted
+ malicious code: CVE-2023-45133
+
+ Changelog:
+
+ * Release 14.1.0 (#33507)
+ * Add private key policy to user login and certificate posthog
+ events. (#33615)
+ * [v14] allow https:// in proxy parameter in tsh (#33646)
+ * docs: include all db protocols in faq and config (#33641)
+ * [v14] docs: Reorganize and revise moderated sessions (#33545)
+ * Add Docker to Slack access request plugin (#33393)
+ * Select examples `api` dependency update (#33595) (#33601)
+ * [v14] Update hardware key support docs (#33650)
+ * Expand access list review audit entry. (#33573)
+ * add security group picker to deployservice step (#33453)
+ * Add Docker to MSFT teams plugin (#33387)
+ * Add Docker to Mattermost plugin (#33390)
+ * Deflake TestChaosUpload (#33610)
+ * [v14] Update e (#33605)
+ * docs: update okta service setup (#33464)
+ * Update e (#33602)
+ * Update generate-eventschema (#33598)
+ * Fix a couple of typos and reword scenario descriptions (#33397)
+ * [v14] Fix issue with ServiceNow incidents not including link to
+ access request (#33593)
+ * [v14] docs: Add timing for automatic agent updates to the cloud
+ FAQ (#33400)
+ * Fix hardware key support for sso web login (#33433) (#33548)
+ * Add Hardware Key login audit event fields (#33254) (#33549)
+ * [v14] Add Access Monitoring Ping Auth Response Feature flag
+ (#33585)
+ * Add nav title & packages for Access Monitoring (#33580)
+ * [v14] Update e (#33530)
+ * [v14] Fix assist audit query prompt (#33581)
+ * [v14] Security Reports (#33459)
+ * Propagate resource revision to/from the backend (#32040)
+ (#33214)
+ * [v14] Show Connect My Computer CTA only if versions are
+ compatible (#33563)
+ * Gracefully handle web socket closure by clients (#33480)
+ (#33529)
+ * [v14] Machine ID: Improve warning/error message when secure
+ symlinks are not available (#33562)
+ * [v14] Allow Bots to submit access request reviews (#33509)
+ * [v14] Fix flaky test `TestWithRsync/with_headless_tsh` (#33557)
+ * Add user certificates generated prometheus metric. (#33476)
+ * [v14] Missed OpenTelemetry Updates (#33550)
+ * docs: Add WinSCP to PuTTY client instructions (#32868) (#33092)
+ * [v14] Prevent remote proxies from impersonating users from
+ different clusters (#33539)
+ * Notify CLI users when access lists need reviews. (#33468)
+ * [v14] OpenTelemetry Updates (#33523)
+ * [v14] Configure custom PIV slot for hardware key support -
+ follow up (#33353)
+ * [v14] AWS OIDC: Only consider Linux/UNIX when listing EC2
+ instances (#33515)
+ * Update upcoming-releases.mdx (#33525)
+ * Revert private key policy error handling in WebUI (#33237)
+ (#33482)
+ * [v14] Database Automatic User Provisioning support for MySQL
+ (#33379)
+ * [v14] Fix user login state gRPC client upsert. (#33451)
+ * Make privateKeyPolicyEnabled an optional field. (#33481)
+ * Update remaining `google.golang.org/grpc` to v1.57.1 (#33487)
+ * Make initialization of Connect synchronous (#33508)
+ * [v14] Update @babel/core to 7.23.2 and dedupe babel deps
+ (#33441)
+ * [v14] update e (#33493)
+ * Configure custom PIV slot for hardware key support (#31732)
+ (#33352)
+ * [v14] Show resources in Slack notification for access requests
+ (#33264)
+ * Extend handshake read deadline to allow signature operations
+ that require user input to be completed (hardware key
+ touch/pin). (#32921) (#33348)
+ * [v14] Add `pcscd` install instructions for hardware key support
+ (#33376)
+ * Add support for deploy service agent auto updates (#31982)
+ (#33313)
+ * * Use lowercase for sort keys in unified cache (#33475)
+ * [v14] Include 'nextAuditDate' in 'CreateAccessListReview'
+ method (#33485)
+ * fix oidc test race (#33432)
+ * [v14] docs: update macos app remove command to delete dir and
+ correct fips debug container address (#33367)
+ * [v14] Add a duration for starting notifications to access
+ lists. (#33474)
+ * [docs] clarify RDS/Aurora databases getting modified (#33410)
+ * [v14] Prevent double registration of Kubernetes GVK for older
+ Kube clusters (#33402)
+ * [v14] Web: Add notification store (#33381)
+ * Web: add identity management nav section (#33423)
+ * Add usage events for desktop access (#33455)
+ * Wait for nodes to be availble in disconnection tests (#33446)
+ * Use searchAsRoles in unified requests (#33427)
+ * Show Connect My Computer button in empty state in Connect
+ (#33440)
+ * Remove Connect My Computer feature flag (#32850)
+ * Refactor desktop audit event emission (#33316)
+ * [v14] Bump golang.org/x/net Backport (#33420)
+ * Fix an issue `tsh` fails to connect Proxy behind TLS-terminated
+ loadbalancer in separate port mode (#33406)
+ * Add resource pinning to Unified Resource cards (#32980)
+ (#33404)
+ * [v14] PIV refactors (#33349)
+ * [v14] Fix access list audit log formatting (#33383)
+ * Allow access requests to use user login state. (#33350)
+ * join_sessions overrides the deny rule for sessions a user is
+ allowed to join (#33161)
+ * Allow for Windows PKI operations to target a different domain
+ (#33275)
+ * [auto] docs: Update version to v14.0.3 (#33361)
+ * Downgrade `@teleport-access-approver` to `v6` (#33354)
+ * [v14] Pinned Resources backend (#33277)
+ * Remove access lists and members from the cache. (#33322)
+ * Added 10/11 Upcoming Releases Update (#33309)
+ * Make system roles case-insensitive in provision tokens (#33260)
+ * docs: include servicenow and opsgenie in plugin index (#33292)
+ * [v14] docs: Reduce the use of capitalized trusted clusters and
+ a few other fixes (#33310)
+ * Add Docker to email plugin (#33321)
+ * [v14] Add param `extraContainers` to `teleport-cluster` and
+ `teleport-kube-agent` (#33299)
+
+-------------------------------------------------------------------
+Tue Oct 24 11:52:47 UTC 2023 - ka...@b1-systems.de
+
+- skipping non-existent release 14.0.2
+- Update to version 14.0.3:
+ * Release 14.0.3 (#33290)
+ * [v14] Remove check that enforces slack oauthProviders are set
+ (#33141)
+ * [v14] Report exit code of rsync processes if they fail in
+ TestWithRsync (#33262)
+ * DiscoveryConfig: init service and add resource to `tctl`
+ (#32399) (#33289)
+ * Update e (#33280)
+ * [v14] re-add agentless node manual installation docs (#32811)
+ * chore: Bump google.golang.org/grpc to v1.57.1 (#33265)
+ * [v14] [buddy] docs: minor typos and improvements in the
+ description of the Teleport Proxy Service (#33184)
+ * [v14] utils.RecursiveChown: Fix for Privilege Escalation due to
+ following symlinks (#33248)
+ * Reword Troubleshooting section in Connect docs (#33201)
+ * Add server troubleshooting to left nav (#33224)
+ * fix watcher setup in oidc test (#33258)
+ * [v14] docs: role definition update and update networking ports
+ info (#33223)
+ * [v14] docs: Caveat for token permissions not scoped to any
+ resource context (#33166)
+ * disable TestHSMDualAuthRotation (#33251)
+ * Backport changes to Restrict Access to Privileged Accounts
+ topic (#33238)
+ * [v14] Fix `tsh kube credentials` when root cluster roles don't
+ allow Kube access (#33210)
+ * [v14] chore: Bump Go to v1.21.3 (#33229)
+ * Yarn replacement version bumps (#33023)
+ * [v14] [docs] Attempt to clarify ElastiCache/MemoryDB auth
+ methods (#33215)
+ * [v14] docs: Add Docker to partials and update the discord
+ access request plugin (#33163)
+ * Fixes emitting wrong events for ec2 discover flow (#33185)
+ * Fix Kubernetes agent updater helm chart reference to bool
+ (#33212)
+ * [v14] Fix Proxy Kube listener behavior regarding PROXY protocol
+ usage (#33135)
+ * DiscoveryMatchers: move checkandset to types package (#32857)
+ (#32959)
+ * [v14] Split RDS Proxy guides per protocol (#33145)
+ * [v14] Header `Connection: close` causes `kubectl` to fail exec
+ (#33172)
+ * Web: Add EC2 name when listing instances in Discover flow
+ (#33179)
+ * [v14] Add support for gap prop to Button (#33196)
+ * Fix self-signed cert validity on macOS systems (#33156)
+ * fix leaf SSH sessions not getting recorded (#33102)
+ * [v14] OneOff Script: use ent build if cluster is Enterprise
+ (#33148)
+ * Add helper for generating request TTL options (#33041)
+ * Track connections to direct dial nodes across clusters (#33045)
+ * Add initial command to session trackers (#33112)
+ * [v14] docs: include info for accessing database audit activity
+ (#33093)
+ * [v14] docs: Draft of troubleshooting topics for Server Access
+ (#32876)
+ * [v14] docs: update fips docker address and internal address
+ listing (#33087)
+ * [v14] Fix --debug flag in Connect & enable devtools in debug
+ mode (#33137)
+ * [v14] Web: add link to CloudShell on EICE/EC2 Discover flow
+ (#33079)
+ * Fix some Rust lint warnings caught by Clippy 1.73.0 (#33098)
+ * [v14] Reliability improvements for HSM tests (#33091)
+ * docs: title zypper enterprise linux install tab (#33074)
+ * [v14] docs: Update HA Terraform reference and add starter
+ cluster reference (#33085)
+ * [v14] Update e ref. (#33066)
+ * [v14] Add cost optimized pagination search for athena (#33007)
+ * [v14] Add the Access List review backend. (#33070)
+ * Update cloud docs to 13.4.2 (#33071)
+ * [v14] AWS OIDC - EICE: improve error when EC2 does not accept
+ SSH connections (#33057)
+ * Update e ref (#32990)
+ * Downgrade Electron to 25.9.0 (#33058)
+ * Fix switch condition in Proxy listeners setup (#32966)
+ * Allow breaker tripped error to be configurable (#33036)
+ * Fix `kubectl log` commands when they refer to deployment
+ instead of pod (#32962)
+ * [v14] chore: Bump Go to v1.21.2 (#33046)
+ * Add in audit review recurrence presets. (#32960)
+ * [v14] chore: Pin golangci-lint and buf, bump buf to v1.27.0
+ (#33034)
+ * fix: improve reconnection reliability after process reloads
+ (#32807)
+ * Add sort index trees to unified resource cache (#33027)
+ * [v14] chore: Address crypto/elliptic package deprecations
+ (#32929)
+ * update --db-user and --db-name docs (#32888)
+ * Remove unused bloat bypass workflow (#32984)
+ * Track user connections across clusters (#32967)
+ * [v14] Web: Create (re-use) step navigator for general use
+ (#32979)
+ * Added 10/04 Upcoming Releases Update (#32981)
+ * Fix desktop listener PROXY mode setting (#32937)
+ * Web build: fix circular dep warnings (#32975)
++++ 290 more lines (skipped)
++++ between /work/SRC/openSUSE:Factory/teleport/teleport.changes
++++ and /work/SRC/openSUSE:Factory/.teleport.new.24901/teleport.changes
Old:
----
teleport-13.4.4.obscpio
New:
----
teleport-14.1.1.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ teleport.spec ++++++
--- /var/tmp/diff_new_pack.sEvxqS/_old 2023-10-25 18:04:05.765012589 +0200
+++ /var/tmp/diff_new_pack.sEvxqS/_new 2023-10-25 18:04:05.765012589 +0200
@@ -19,7 +19,7 @@
%define __arch_install_post export NO_BRP_STRIP_DEBUG=true
Name: teleport
-Version: 13.4.4
+Version: 14.1.1
Release: 0
Summary: Identity-aware, multi-protocol access proxy
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.sEvxqS/_old 2023-10-25 18:04:05.801013799 +0200
+++ /var/tmp/diff_new_pack.sEvxqS/_new 2023-10-25 18:04:05.805013933 +0200
@@ -4,7 +4,7 @@
<param name="scm">git</param>
<param name="submodules">disable</param>
<param name="exclude">.git</param>
- <param name="revision">v13.4.4</param>
+ <param name="revision">v14.1.1</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="versionrewrite-pattern">v(.*)</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.sEvxqS/_old 2023-10-25 18:04:05.829014741 +0200
+++ /var/tmp/diff_new_pack.sEvxqS/_new 2023-10-25 18:04:05.829014741 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://github.com/gravitational/teleport</param>
- <param
name="changesrevision">04a35f51cc8103a9497f566f580aa62da4a964da</param></service></servicedata>
+ <param
name="changesrevision">fb6429eba7a3c9cf1200bc7ae253a90f4c2b788b</param></service></servicedata>
(No newline at EOF)
++++++ teleport-13.4.4.obscpio -> teleport-14.1.1.obscpio ++++++
/work/SRC/openSUSE:Factory/teleport/teleport-13.4.4.obscpio
/work/SRC/openSUSE:Factory/.teleport.new.24901/teleport-14.1.1.obscpio differ:
char 50, line 1
++++++ teleport.obsinfo ++++++
--- /var/tmp/diff_new_pack.sEvxqS/_old 2023-10-25 18:04:05.885016624 +0200
+++ /var/tmp/diff_new_pack.sEvxqS/_new 2023-10-25 18:04:05.885016624 +0200
@@ -1,5 +1,5 @@
name: teleport
-version: 13.4.4
-mtime: 1697653458
-commit: 04a35f51cc8103a9497f566f580aa62da4a964da
+version: 14.1.1
+mtime: 1698093395
+commit: fb6429eba7a3c9cf1200bc7ae253a90f4c2b788b
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/teleport/vendor.tar.gz
/work/SRC/openSUSE:Factory/.teleport.new.24901/vendor.tar.gz differ: char 5,
line 1
