Teleport 2.0.5 Security Fixes
TLDR: Teleport 2.0.5 fixes several security vulnerabilities. Upgrade here
We have identified several vulnerabilities in Teleport 2.0. The full list of changes can be seen in the release notes. They are relevant to the heavy users of Teleport web-UI.
As a result of this, we strongly recommend Teleport users upgrade to Teleport 2.0.5 as soon as possible.
The most pressing issues can be resolved by upgrading the web proxy which would mitigate most of the potential attacks, however all nodes should be upgraded to 2.0.5 as soon as possible to mitigate all vulnerabilities.
We will release a full report and more details in one week - our main goal is to let everyone to upgrade and not make it easy to exploit the vulnerabilities discovered for the folks who haven’t upgraded yet.
Upgrade to 2.0.5 here
- SSH into AWS using Github for RBAC
- Teleport 2.0 Release Information
- Aggregating SSH logs into SumoLogic