Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package teleport for openSUSE:Factory checked in at 2024-01-07 21:42:22 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/teleport (Old) and /work/SRC/openSUSE:Factory/.teleport.new.28375 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "teleport" Sun Jan 7 21:42:22 2024 rev:88 rq:1137413 version:14.3.0 Changes: -------- --- /work/SRC/openSUSE:Factory/teleport/teleport.changes 2023-12-15 21:49:18.290610001 +0100 +++ /work/SRC/openSUSE:Factory/.teleport.new.28375/teleport.changes 2024-01-07 21:42:37.377084202 +0100 @@ -1,0 +2,69 @@ +Sun Jan 7 18:18:50 UTC 2024 - Johannes Kastl <opensuse_buildserv...@ojkastl.de> + +- update to 14.3.0: + This release of Teleport contains multiple security fixes, + improvements and bug fixes. + * Security fixes + - Teleport Proxy now restricts SFTP for normal users as + described under Advisory + https://github.com/gravitational/teleport/security/advisories/GHSA-c9v7-wmwj-vf6x + - Fixed an issue that would allow for SSRF via Teleport's + reverse tunnel subsystem. Documented under the advisory + -https://github.com/gravitational/teleport/security/advisories/GHSA-hw4x-mcx5-9q36 + - On macOS, Teleport filters the environment to prevent code + execution via `DYLD_` variables. Documented under + https://github.com/gravitational/teleport/security/advisories/GHSA-vfxf-76hv-v4w4 + - A fix was applied to Access Lists to prevent possible + privilege escalation of list owners. Documented under + https://github.com/gravitational/teleport/security/advisories/GHSA-76cc-p55w-63g3 + * Other Fixes & Improvements + - Added the ability to promote an access request to an access + list in Teleport Connect + - Fixed an issue that would prevent websocket upgrades from + completing. + - Enhanced the audit events related to Teleport's SAML IdP + - Added support for STS session tags in the database + configuration for granular DynamoDB access. + - Added support for the IAM join method in ca-west-1. + - Improved the formatting of access list notifications in tsh. + - Fixed downgrade logic of KubernetesResources to Role v6 + - Fixed potential panic during early phases of SSH service + lifetime + - Added a `tsh latency` command to monitor ssh connection + latency in realtime + - Support GitHub joining from Enterprise accounts with + `include_enterprise_slug` enabled. + - Added vpc-id as a label to auto-discovered RDS databases + - Improved teleport agent performance when handling a large + number of TCP forwarding requests. + - Bump golang.org/x/crypto to v0.17.0, which addresses the + Terrapin vulnerability (CVE-2023-48795) + - Include the lock expiration time in `lock.create` audit + events + - Add custom attribute mapping to the + `saml_idp_service_provider` spec. + - Fixed PIV not being available on Windows tsh binaries + - Restored direct dial SSH server compatibility with certain + SSH tools such as `ssh-keyscan` (#35647) + - Prevent users from deleting their last passwordless device + - the `teleport-kube-agent` chart now supports passing extra + arguments to the updater. + - New access lists with an unspecified NextAuditDate now pick + a new date instead of being rejected + - Changed the minimal supported macOS version of Teleport + Connect to 10.15 (Catalina) + - Add non-AD desktops to Enroll New Resource + - Fixed a bug in `teleport-kube-agent` chart when using both + `appResources` and the `discovery` role. + - Fixed session upload audit events sometimes containing an + incorrect URL for the session recording. + - Prevent tsh from re-authenticating if the MFA ceremony fails + during `tsh ssh` + - Prevent attempts to join a nonexistent SSH session from + hanging forever + - Improved Windows hosts registration with a new + `static_hosts` configuration field + - Fixed the sorting of name and description columns for user + groups when creating an access request + +------------------------------------------------------------------- Old: ---- teleport-14.2.3.obscpio New: ---- teleport-14.3.0.obscpio ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ teleport.spec ++++++ --- /var/tmp/diff_new_pack.lMQWWh/_old 2024-01-07 21:42:45.569382292 +0100 +++ /var/tmp/diff_new_pack.lMQWWh/_new 2024-01-07 21:42:45.585382874 +0100 @@ -1,7 +1,7 @@ # # spec file for package teleport # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,7 +19,7 @@ %define __arch_install_post export NO_BRP_STRIP_DEBUG=true Name: teleport -Version: 14.2.3 +Version: 14.3.0 Release: 0 Summary: Identity-aware, multi-protocol access proxy License: Apache-2.0 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.lMQWWh/_old 2024-01-07 21:42:45.893394082 +0100 +++ /var/tmp/diff_new_pack.lMQWWh/_new 2024-01-07 21:42:45.925395246 +0100 @@ -4,7 +4,7 @@ <param name="scm">git</param> <param name="submodules">disable</param> <param name="exclude">.git</param> - <param name="revision">v14.2.3</param> + <param name="revision">v14.3.0</param> <param name="versionformat">@PARENT_TAG@</param> <param name="changesgenerate">disable</param> <param name="versionrewrite-pattern">v(.*)</param> ++++++ teleport-14.2.3.obscpio -> teleport-14.3.0.obscpio ++++++ /work/SRC/openSUSE:Factory/teleport/teleport-14.2.3.obscpio /work/SRC/openSUSE:Factory/.teleport.new.28375/teleport-14.3.0.obscpio differ: char 49, line 1 ++++++ teleport.obsinfo ++++++ --- /var/tmp/diff_new_pack.lMQWWh/_old 2024-01-07 21:42:46.333410092 +0100 +++ /var/tmp/diff_new_pack.lMQWWh/_new 2024-01-07 21:42:46.369411402 +0100 @@ -1,5 +1,5 @@ name: teleport -version: 14.2.3 -mtime: 1702593530 -commit: 22e50b45420e7e4775e91c36650b81253210791c +version: 14.3.0 +mtime: 1703891334 +commit: 390d33c42bbe52f4bde6302bfbffccfeeb30ff29 ++++++ vendor.tar.gz ++++++ /work/SRC/openSUSE:Factory/teleport/vendor.tar.gz /work/SRC/openSUSE:Factory/.teleport.new.28375/vendor.tar.gz differ: char 5, line 1
