fleet-v4.13.0
Changes
Known issues
This release contains an issue with path validation in SSO, resulting in SSO users not able to login following an upgrade from a previous version of Fleet. If you use SSO we recommend installing 4.13.1.
This is a security release.
-
Security: Fix several post-authentication authorization issues. Only Fleet Premium users that
have team users are affected. Fleet Free users do not have access to the teams feature and are
unaffected. See the following security advisory for details: GHSA-pr2g-j78h-84cr -
Improve performance of software inventory on Windows hosts.
-
Add
basic_auth.username
andbasic_auth.password
Prometheus configuration options. TheGET /metrics
API route is now disabled if these configuration options are left unspecified. -
Fleet Premium: Add ability to specify a team specific "Destination URL" for policy automations.
This allows the user to configure Fleet to send a webhook request to a unique location for
policies that belong to a specific team. Documentation on what data is included the webhook
request and when the webhook request is sent can be found here on fleedm.com/docs -
Add ability to see the total number of hosts with a specific macOS version (ex. 12.3.1) on the
Home > macOS page. This information is also available via theGET /os_versions
API route. -
Add ability to sort live query results in the Fleet UI.
-
Add a "Vulnerabilities" column to Host details > Software page. This allows the user see and search for specific vulnerabilities (CVEs) detected on a specific host.
-
Update vulnerability automations to fire anytime a vulnerability (CVE), that is detected on a
host, was published to the
National Vulnerability Database (NVD) in the last 30 days, is detected on a host. In previous
versions of Fleet, vulnerability automations would fire anytime a CVE was published to NVD in the
last 2 days. -
Update the Policies page to ask the user to wait to see accurate passing and failing counts for new and recently edited policies.
-
Improve API-only (integration) users by removing the requirement to reset these users' passwords
before use. Documentation on how to use API-only users can be found here on fleetdm.com/docs. -
Improve the responsiveness of the Fleet UI by adding tablet screen width support for the Software,
Queries, Schedule, Policies, Host details, Settings > Teams, and Settings > Users pages. -
Add Beta support for integrating with Jira to automatically create a Jira issue when a
new vulnerability (CVE) is detected on a host in Fleet. -
Add Beta support for Fleet Desktop on Windows. Fleet Desktop allows the device user to see
information about their device. To add Fleet Desktop to a Windows device, first add the
--fleet-desktop
flag to thefleectl package
command to generate a Fleet-osquery installer that
includes Fleet Desktop. Then, open this installer on the device. -
Fix a bug in which downloading Fleet's vulnerability database failed if the destination directory specified
was not in thetmp/
directory. -
Fix a bug in which the "Updated at" time was not being updated for the "Mobile device management
(MDM) enrollment" and "Munki versions" information on the Home > macOS page. -
Fix a bug in which Fleet would consider Docker network interfaces to be a host's primary IP address.
-
Fix a bug in which tables in the Fleet UI would present misaligned buttons.
-
Fix a bug in which Fleet failed to connect to Redis in standalone mode.
Upgrading
Please visit our update guide for upgrade instructions.
Documentation
Documentation for Fleet is available at fleetdm.com/docs.
Binary Checksum
SHA256
07a377b78a973192d8eb5380d3effb6323f08700a44a6bf9da0f7906bd71eb7c fleetctl_v4.13.0_windows.tar.gz
36c59106d083476396983a44c53f06d91107cafb1ec08943a30a2385ec4b55b1 fleetctl_v4.13.0_linux.tar.gz
41580e1696c25e12ab882d5d40cd28b3947f131870da9c897ddf93304eb10015 fleetctl_v4.13.0_windows.zip
7a861552e6687364def9c55478d626e3da9a56ecf37ec978a17f9f8d77471522 fleet_v4.13.0_linux.tar.gz
3b97db442762a8c7acbdc8949b42637cb3f1c830b623e0d368b54fadd150b68b fleetctl_v4.13.0_macos.tar.gz
0da2cfd4936c5e359c3e4347ef7214cbf5543f3c0e1e621a59bf146531f0cf06 fleetctl_v4.13.0_macos.zip
daaddb3837c3bbfd68881756c56725fddd3320469efb69e9fcc41cd6c17cd568 fleetctl_v4.13.0_linux.zip