Skip to content

Releases: fleetdm/fleet

fleet-v4.41.0

29 Nov 01:33
@github-actions github-actions
fleet-v4.41.0
f6cb052
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: 4AEE18F83AFDEB23
Learn about vigilant mode.
Compare
Choose a tag to compare
fleet-v4.41.0 Latest
Latest

Changes

  • Endpoint operations:

    • Enhanced fleetctl and API to support PowerShell (.ps1) scripts.
    • Updated several API endpoints to support os_settings filter, including Windows profiles status.
    • Enabled after parameter for improved pagination in various endpoints.
    • Improved the fleet/queries/run endpoint with better error handling.
    • Increased frequency of metrics reporting from Fleet servers to daily.
    • Added caching for policy results in MySQL for faster operations.

  • Device management (MDM):

    • Added database tables for Windows profiles support.
    • Added validation for WSTEP certificate and key pair before enabling Windows MDM.
    • Introduced support for Windows PowerShell scripts in the UI.

  • Vulnerability management:

    • Fleet now uses NVD API 2.0 for CVE information download.
    • Added support for JetBrains application vulnerability data.
    • Tightened software matching to reduce false positives.
    • Stopped reporting Atom editor packages in software inventory.

  • UI improvements:

    • Updated activity feed for better communication around JIT-provisioned user logins.
    • Query report now displays the host's display name instead of the hostname.
    • Improved UI components like the manage page's label filter and edit columns modal.
    • Enabled all sort headers in the UI to be fully clickable.
    • Removed the creation of OS policies from a host's operating system in the UI.
    • Ensured correct settings visibility in the Settings > Advanced section.

Bug fixes

  • Fixed long result cell truncation in live query results and query reports.
  • Fixed a Redis cluster mode detection issue for RedisLabs hosted instances.
  • Fixed a false positive vulnerability report for Citrix Workspace.
  • Fixed an edge case sorting bug related to the last_restarted value for hosts.
  • Fixed an issue with creating .deb installers with different enrollment keys.
  • Fixed SMTP configuration validation issues for TLS-only servers.
  • Fixed caching of team MDM configurations to improve performance at scale.
  • Fixed delete pending issue during orbit.exe installation.
  • Fixed a bug causing the disk encryption key banner to not display correctly.
  • Fixed various error code inconsistencies across endpoints.
  • Fixed filtering hosts with invalid team_id now returns a 400 error.
  • Fixed false positives in software matching for similar names.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for Fleet is available at fleetdm.com/docs.

Binary Checksum

SHA256

bc5dd476ea4108d2d26ea4eab99504f02492633c6f8fa9db01f8511099c9f57e  fleet_v4.41.0_linux.tar.gz
03da62accda22d3434d6be235e9b910e04b21aee84085097369707451dc4d219  fleetctl_v4.41.0_linux.tar.gz
ec10a2193a9075b668126b3700189c7fef232978ce8f3504128203afc865a619  fleetctl_v4.41.0_linux.zip
83d78374afdc8d49da20bbbd6fec966b082725aa4060c845f13c0efc7d607182  fleetctl_v4.41.0_macos.tar.gz
1390320c14410c298f4298bd171b257ca8fde0061a62388d5cab1f04c501e062  fleetctl_v4.41.0_macos.zip
7e5eb0b48c15670d75b34acbf8f9f9a470fad76a7c20d77b79e715a56a890f74  fleetctl_v4.41.0_windows.tar.gz
255f6260d5f7f76e7d279a649879d9a27d45a78b916ffbdb1303bc707ab3a745  fleetctl_v4.41.0_windows.zip
Assets 10

fleet-v4.40.0

07 Nov 00:21
@github-actions github-actions
fleet-v4.40.0
8dbe690
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: 4AEE18F83AFDEB23
Learn about vigilant mode.
Compare
Choose a tag to compare
fleet-v4.40.0

Changes

  • Endpoint operations:

    • New tables added to the fleetd extension: app_icons, falconctl_options, falcon_kernel_check, cryptoinfo, cryptsetup_status, filevault_status, firefox_preferences, firmwarepasswd, ioreg, and windows_updates.
    • CIS support for Windows 10 is updated to the lates CIS document CIS_Microsoft_Windows_10_Enterprise_Benchmark_v2.0.0.

  • Device management (MDM):

    • Introduced support for MS-MDM management protocol.
    • Added a host detail query for Windows hosts to ingest MDM device id and updated the Windows MDM device enrollment flow.
    • Implemented --context and --debug flags for fleetctl mdm run-command.
    • Support added for fleetctl mdm run-command on Windows hosts.
    • macOS hosts with MDM features via SSO can now run sudo profiles renew --type enrollment.
    • Introduced GET mdm/commandresults endpoint to retrieve MDM command results for Windows and macOS.
    • fleetctl get mdm-command-results now uses the new above endpoint.
    • Added POST /fleet/mdm/commands/run platform-agnostic endpoint for MDM commands.
    • Introduced API for recent Windows MDM commands via fleetctl and the API.

  • Vulnerability management:

    • Added vulnerability data support for JetBrains apps with similar names (e.g., IntelliJ IDEA.app vs. IntelliJ IDEA Ultimate.app).
    • Apple Rapid Security Response version added to macOS host details (requires osquery v5.9.1 on macOS devices).
    • For ChromeOS hosts, software now includes chrome extensions.
    • Updated vulnerability processing to omit software without versions.
    • Resolved false positives in vulnerabilities for Chrome and Firefox extensions.

  • UI improvements:

    • Fleet tables in UI reset rows upon filter/search/page changes.
    • Improved handling when deleting a large number of hosts; operations now continue in the background after 30 seconds.
    • Added the ability for Observers and Observer+ to view policy resolutions.
    • Improved app settings clarity for premium users regarding usage statistics.
    • UI buttons for live queries or policies are now disabled with a tooltip if live queries are globally turned off.
    • Observers and observer+ can now run existing policies in the UI.

Bug fixes and improvements

  • REST API:

    • Overhauled REST API input validation for several endpoints (hosts, carves, users).
    • Validation error status codes switched from 500 to 400 for clarity.
    • Numerous new validations added for policy details, os_name/version, etc.
    • Addressed issues in /fleet/sso and /mdm/apple/enqueue endpoints.
    • Updated response codes for several other endpoints for clearer error handling.

  • Logging and debugging:

    • Updated Apple Business Manager terms logging behavior.
    • Refined the copy of the ABM terms banner for better clarity.
    • Addressed a false positive CVE detection on the certifi python package.
    • Fixed a logging issue with Fleet's Cloudflare WARP software version ingestion for Windows.

  • UI fixes:

    • Addressed UI bugs for the "Turn off MDM" action display and issues with the host details page's banners.
    • Fixed narrow viewport EULA display issue on the Windows TOS page.
    • Rectified team dropdown value issues and ensured consistent help text across query and policy creation forms.
    • Fixed issues when applying config changes without MDM features enabled.

  • Others:

    • Removed the capability for Premium customers to disable usage statistics. Further information provided in the Fleet documentation.
    • Retired creating OS policies from host OSes in the UI.
    • Addressed issues in Live Queries with the POST /fleet/queries/run endpoint.
    • Introduced database migrations for Windows MDM command tables.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for Fleet is available at fleetdm.com/docs.

Binary Checksum

SHA256

2188bd5d301fae70ecaf39f43ed3fa41216924d3e6dcd9e753c0664283addbf5  fleetctl_v4.40.0_macos.zip
2d2a0c97e0c360bdc77e38097a06861512191c07d1adbdf98dd7690dec503b33  fleet_v4.40.0_linux.tar.gz
55754107b9be9f8d3b5d5fc7daf2dcb2196cefb071408857d9ea215080e56dbc  fleetctl_v4.40.0_linux.zip
6537ad561dd1e82b1ea5345677576ecf2593d7604977514df519feee2226d2ee  fleetctl_v4.40.0_linux.tar.gz
ae34af952e470c1dd84f2149d7e20cf8bbe7269e2e466beef2ded584c9701a7b  fleetctl_v4.40.0_windows.zip
d725be4371f0c6efa5d9e6f7749f599afda97fc6222b2a9ec3da6b055526e7b4  fleetctl_v4.40.0_macos.tar.gz
f32d4ef6eefd252d0a83f0b79d0e1d15022670ab9c1ea2abf1cfb7e93761164f  fleetctl_v4.40.0_windows.tar.gz
Assets 10

fleet-v4.39.0

26 Oct 20:35
@github-actions github-actions
fleet-v4.39.0
653aece
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: 4AEE18F83AFDEB23
Learn about vigilant mode.
Compare
Choose a tag to compare
fleet-v4.39.0

Changes

  • Added ability to store results of scheduled queries:

    • Will store up to 1000 results for each scheduled query.
    • If the number of results for a scheduled query is below 1000, then the results will continuously get updated every time the hosts send results to Fleet.
    • Introduced server_settings.query_reports_disabled field in global configuration to disable this feature.
    • New API endpoint: GET /api/_version_/fleet/queries/{id}/report.
    • New field discard_data added to API queries endpoints for toggling report storage for a query. For yaml configurations, use discard_data: true to disable result storage.
    • Enhanced osquery result log validation.
    • NOTE: This feature enables storing more query data in Fleet. This may impact database performance, depending on the number of queries, their frequency, and the number of hosts in your Fleet instance. For large deployments, we recommend monitoring your database load while gradually adding new query reports to ensure your database is sized appropriately.

  • Added scripts tab and table for host details page.

  • Added support to return the decrypted disk encryption key of a Windows host.

  • Added GET /hosts/{id}/scripts endpoint to retrieve status details of saved scripts for a host.

  • Added mdm.os_settings to GET /api/v1/hosts/{id} response.

  • Added POST /api/fleet/orbit/disk_encryption_key endpoint for Windows hosts to report bitlocker encryption key.

  • Added activity logging for script operations (add, delete, edit).

  • Added UI for scripts on the controls page.

  • Added API endpoints for script management and updated existing ones to accommodate saved script ID.

  • Added GET /mdm/disk_encryption/summary endpoint for disk encryption summaries for macOS and Windows.

  • Added os_settings and os_settings_disk_encryption filters to various GET endpoints for host filtering based on OS settings.

  • Enhanced GET hosts/:id API response to include more detailed disk encryption data for device client errors.

  • Updated controls > disk encryption and host details page to include Windows bitlocker information.

  • Improved styling for host details/device user failing policies display.

  • Disabled multicursor editing for SQL editors.

  • Deprecated mdm.macos_settings.enable_disk_encryption in favor of mdm.enable_disk_encryption.

  • Updated Go version to 1.21.3.

Bug fixes

  • Fixed script content and output formatting issues on the scripts detail modal.

  • Fixed a high database load issue in the Puppet match endpoint.

  • Fixed setup flows background not covering the entire viewport when resized to some sizes.

  • Fixed a bug affecting OS settings information retrieval regarding disk encryption status for Windows hosts.

  • Fixed SQL parameters used in the /api/latest/fleet/labels/{labelID}/hosts endpoint for certain query parameters, addressing issue 13809.

  • Fixed Python's CVE-2021-42919 false positive on macOS which should only affect Linux.

  • Fixed a bug causing DEP profiles to sometimes not get assigned correctly to hosts.

  • Fixed an issue in the bulk-set of MDM Apple profiles leading to excessive placeholders in SQL.

  • Fixed max-height display issue for script content and output in the script details modal.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for Fleet is available at fleetdm.com/docs.

Binary Checksum

SHA256

034e5829448a4d06442f983ee14ff82ed4d620933c473e51fc1bdc852d59571d  fleetctl_v4.39.0_windows.zip
0f100db2daf7542ee03653f573148e058fcb2833997ec8a0293e50c772f6f87b  fleetctl_v4.39.0_macos.tar.gz
42b2ce1a17eb90a5b57c9ddebcfe967393324ea8396e33bc02b2c20dd07143ac  fleet_v4.39.0_linux.tar.gz
549e997efba2742543910193f1bbff03d42354c951f889a639f8e1e0df7ec54c  fleetctl_v4.39.0_linux.zip
9ce3bcb6a0969ae8c255276297f38fa8c93cfa3debf8d3271217345d4a07c976  fleetctl_v4.39.0_windows.tar.gz
ba0e9853f13a40732449f67391258545ba34c17994df6723f9281205f825f576  fleetctl_v4.39.0_linux.tar.gz
bbaeab22b759aed727f047f2c2b2ea1078986d5b71ae6d648036cb2a972b9e80  fleetctl_v4.39.0_macos.zip
Assets 10

fleet-v4.38.1

05 Oct 16:52
@github-actions github-actions
fleet-v4.38.1
22b0136
Compare
Choose a tag to compare
fleet-v4.38.1

Bug Fixes

  • Fixed a bug that would cause live queries to stall if a detail query override was set for a team.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for Fleet is available at fleetdm.com/docs.

Binary Checksum

SHA256

130adae8b0d549103dff08ff5cb8d1f564ab6aee19bc44f3c7845de336b3d768  fleet_v4.38.1_linux.tar.gz
1980696c5380c0ba5e21f0647e515d04a59a8af1e9d000c2e4bc235b7665bc7f  fleetctl_v4.38.1_macos.zip
51ce32f990575bb92517ee56b06f8baf3795575ccc813a0914630a5bdf5b7be9  fleetctl_v4.38.1_linux.zip
9722f98dae7b1504208eed6f918b652c07b365aeb15317b7b7751f7d23cde0ba  fleetctl_v4.38.1_windows.tar.gz
a4d7af50a2f206a7c6de3ff62613c1e46075fb7f90d81132e10aeca47fde6d5f  fleetctl_v4.38.1_linux.tar.gz
dc5c32b8117b0a12340012463c00644785a8e9c599adf7ed9ae8f4c7e28cf7c1  fleetctl_v4.38.1_macos.tar.gz
e751948df71e7f258abd684a31e144b4f2bd6beacc4cc7cac71327380d02b45b  fleetctl_v4.38.1_windows.zip
Assets 10

fleet-v4.38.0

25 Sep 22:16
@github-actions github-actions
fleet-v4.38.0
6807cfe
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: 4AEE18F83AFDEB23
Learn about vigilant mode.
Compare
Choose a tag to compare
fleet-v4.38.0

Changes

  • Updated MDM profile verification so that an install profile command will be retried once if the command resulted in an error or if osquery cannot confirm that the expected profile is installed.

  • Ensured post-enrollment commands are sent to devices assigned to Fleet in ABM.

  • Ensured hosts assigned to Fleet in ABM come back to pending to the right team after they're deleted.

  • Added labels to the fleetd extensions feature to allow deploying extensions to hosts that belong to certain labels.

  • Changed fleetd Windows extensions file extension from .ext to .ext.exe to allow their execution on Windows devices (executables on Windows must end with .exe).

  • Surfaced chrome live query errors to Fleet UI (including errors for specific columns while maintaining successful data in results).

  • Fixed delivery of fleetd extensions to devices to only send extensions for the host's platform.

  • (Premium only) Added resolved_in_version to /fleet/software APIs pulled from NVD feed.

  • Added database migrations to create the new scripts table to store saved scripts.

  • Allowed specifying disable_failing_policies on the /api/v1/fleet/hosts/report API endpoint for increased performance. This is useful if the user is not interested in counting failed policies (issues column).

  • Added the option to use locally-installed WiX v3 binaries when generating the Fleetd installer for Windows on a Windows machine.

  • Added CVE descriptions to the /fleet/software API.

  • Restored the ability to click on and select/copy text from software bundle tooltips while maintaining the abilities to click the software's name to get more details and to click anywhere else in the row to view all hosts with that software installed.

  • Stopped 1password from overly autofilling forms.

  • Upgraded Go version to 1.21.1.

Bug Fixes

  • Fixed vulnerability mismatch between the flock browser and the discoteq/flock binary.

  • Fixed v4.37.0 performance regressions in the following API endpoints:

    • /api/v1/fleet/hosts/report
    • /api/v1/fleet/hosts when using per_page=0 or a large number for per_page (in the thousands).

  • Fixed script content and output formatting on the scripts detail modal.

  • Fixed wrong version numbers for Microsoft Teams in macOS (from invalid format of the form 1.00.XYYYYY to correct format 1.X.00.YYYYY).

  • Fixed false positive CVE-2020-10146 found on Microsoft Teams.

  • Fixed CVE-2013-0340 reporting as a valid vulnerability due to NVD recommendations.

  • Fixed save button for a new policy after newly creating another policy.

  • Fixed empty query/policy placeholders.

  • Fixed used by data when filtering hosts by labels.

  • Fixed small copy and alignment issue with status indicators in the Queries page Automations column.

  • Fixed strict checks on Windows MDM Automatic Enrollment.

  • Fixed software vulnerabilities time ago column for old CVEs.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for Fleet is available at fleetdm.com/docs.

Binary Checksum

SHA256

1726447569f5bf476916375e989c9e3f17c5ae6ebc684ee33471981dee4260c5  fleetctl_v4.38.0_linux.tar.gz
173cad4a08496654a2a00944759796665dc72b565a767a2c3c8a183a89eb45ee  fleet_v4.38.0_linux.tar.gz
39ba4a75bc7d87c757b1b5672507f89e6f13e515d593d1c0d219f6ae36dd1dee  fleetctl_v4.38.0_linux.zip
84c0ac95bd399c96c2ccd2d2deb161757f83ed49caae819cc243493eda800e9a  fleetctl_v4.38.0_windows.zip
d1d6b3d14b4cb003f207d3f59682443a2d8d552d8427c6dcff5fdf9aa46d05c4  fleetctl_v4.38.0_windows.tar.gz
d845e5d9f63b9b56e73d791477349e65236acb833e6009ed99771af19cdce49a  fleetctl_v4.38.0_macos.zip
f6e735da4bf6c41dab3c30d9c6709d73fc90308dfa28603f8c382c795b7d57b3  fleetctl_v4.38.0_macos.tar.gz
Assets 10

fleet-v4.37.0

08 Sep 19:19
@github-actions github-actions
fleet-v4.37.0
a745c3a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: 4AEE18F83AFDEB23
Learn about vigilant mode.
Compare
Choose a tag to compare
fleet-v4.37.0

Changes

  • Added /scripts/run and scripts/run/sync API endpoints to send a script to be executed on a host and optionally wait for its results.

  • Added POST /api/fleet/orbit/scripts/request and POST /api/fleet/orbit/scripts/result Orbit-specific API endpoints to get a pending script to execute and send the results back, and added an Orbit notification to let the host know it has scripts pending execution.

  • Improved performance at scale when applying hundreds of policies to thousands of hosts via fleetctl apply.

    • IMPORTANT: In previous versions of Fleet, there was a performance issue (thundering herd) when applying hundreds of policies on a large number of hosts. To avoid this, make sure to deploy this version of Fleet, and make sure Fleet is running for at least 1h (or the configured FLEET_OSQUERY_POLICY_UPDATE_INTERVAL) before applying the policies.

  • Added pagination to the policies API to increase response time.

  • Added policy count endpoints to support pagination on the frontend.

  • Added an endpoint to report fleetd errors.

  • Added logic to report errors during MDM migration.

  • Added support in fleetd to execute scripts and send back results (disabled by default).

  • Added an activity log when script execution was successfully requested.

  • Automatically set the DEP profile to be the same as "no team" (if set) for teams created using the /match endpoint (used by Puppet).

  • Added JumpCloud to the list of well-known MDM solutions.

  • Added fleetctl run-script command.

  • Made all table links right-clickable.

  • Improved the layout of the MDM SSO pages.

  • Stored user email when a user turned on MDM features with SSO enabled.

  • Updated the copy and image displayed on the MDM migration modal.

  • Upgraded Go to v1.19.12.

  • Updated the macadmins/osquery-extension to v0.0.15.

  • Updated nanomdm dependency.

Bug Fixes

  • Fixed a bug where live query UI and export data tables showed all returned columns.

  • Fixed a bug where Jira and/or Zendesk integrations were being removed when an unrelated setting was changed.

  • Fixed software ingestion to not re-insert software when incoming fields from hosts were longer than what Fleet supports. This bug caused some CVEs to be reported every time the vulnerability cron ran.

    • IMPORTANT: After deploying this fix, the vulnerability cron will report the CVEs one last time, and subsequent cron runs will not report the CVE (as expected).

  • Fixed duplicate policy names in ee/cis/win-10/cis-policy-queries.yml.

  • Fixed typos in policy queries in the Windows CIS policies YAML (ee/cis/win-10/cis-policy-queries.yml).

  • Fixed a bug where query stats (aka Performance impact) were not being populated in Fleet.

  • Added validation to fleetctl apply for duplicate policy names in the YAML file and attempting to change the team of an existing policy.

  • Optimized host queries when using policy statuses.

  • Changed the authentication method during Windows MDM enrollment to use LoadHostByOrbitNodeKey instead of HostByIdentifier.

  • Fixed alignment on long label names on host details label filter dropdown.

  • Added UI for script run activity and script details modal.

  • Fixed queries navigation bar bug where if in query detail, you could not navigate back to the manage queries table.

  • Made policy resolutions that include URLs clickable in the UI.

  • Fixed Fleet UI custom query frequency display.

  • Fixed live query filter icon and various other live query icons.

  • Fixed Fleet UI tabs highlight while tabbing but not on multiple clicks.

  • Fixed double scrollbar bug on dashboard page.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for Fleet is available at fleetdm.com/docs.

Binary Checksum

SHA256

5b73d46dc7a653b4c7fc51d4babf1d4df3daad8b0c39e3605e091a5a67f2e89e  fleet_v4.37.0_linux.tar.gz
8411493175922a445f20a79b079ee28b266e9c5a6d15a5e4f8334a6418a703ec  fleetctl_v4.37.0_macos.tar.gz
b1f72ef5bd8b3d0b35103177d21de7cb33e5fd0318b64728efe92eb232c9fb8c  fleetctl_v4.37.0_linux.tar.gz
b5f35b14803dc06fefac1a361e7e5449b7a16c7731e1b4fb84a655ab4f15e278  fleetctl_v4.37.0_macos.zip
c1a3085026a078745355e8b7f24f56aa5c34dda03f79642d72c37b07a917c5e4  fleetctl_v4.37.0_windows.tar.gz
c4efd94d6ed278e4ec1202c5239d866293aa4b36a51a60f9960508faace97981  fleetctl_v4.37.0_windows.zip
d006052aa2af43375f1221f199f42e43e0e8bcd8958c0c86b780683a1a9c120e  fleetctl_v4.37.0_linux.zip
Assets 10

fleet-v4.36.0

17 Aug 23:06
@github-actions github-actions
fleet-v4.36.0
1260db9
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: 4AEE18F83AFDEB23
Learn about vigilant mode.
Compare
Choose a tag to compare
fleet-v4.36.0

Changes

  • Added the fleetctl upgrade-packs command to migrate 2017 packs to the new combined schedule and query concept.

  • Updated fleetctl convert to convert packs to the new combined schedule and query format.

  • Updated the POST /mdm/apple/profiles/match endpoint to set the bootstrap package and enable end user authentication settings for each new team created via the endpoint to the corresponding values specified in the app config as of the time the applicable team is created.

  • Added enroll secret for a new team created with fleetctl apply if none is provided.

  • Improved SQL autocomplete with dynamic column, table names, and shown metadata.

  • Cleaned up styling around table search bars.

  • Updated MDM profile verification to fix issue where profiles were marked as failed when a host
    is transferred to a newly created team that has an identical profile as an older team.

  • Added windows MDM automatic enrollment setup pages to Fleet UI.

  • (Beta) Allowed configuring Windows MDM certificates using their contents.

  • Updated the icons on the dashboard to new grey designs.

  • Ensured DEP profiles are assigned even for devices that already exist and have an op type = "modified".

  • Disabled save button for invalid query or policy SQL & missing name.

  • Users with no global or team role cannot access the UI.

  • Text cells truncate with ellipses if longer than column width.

Bug Fixes:

  • Fixed styling issue of the active settings tab.

  • Fixed response status code to 403 when a user cannot change their password either because they were not requested to by the admin or they have Single-Sign-On (SSO) enabled.

  • Fixed issues with end user migration flow.

  • Fixed login form cut off when viewport is too short.

  • Fixed bug where os_version endpoint returned 404 for no teams on controls page.

  • Fixed delays applying profiles when the Puppet module is used in distributed scenarios.

  • Fixed a style issue in the filter host by status dropdown.

  • Fixed an issue when a user with gitops role was used to validate a configuration with fleetctl apply --dry-run.

  • Fixed jumping text on the host page label filter dropdown at low viewport widths.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for Fleet is available at fleetdm.com/docs.

Binary Checksum

SHA256

4383798d4a91c0ed4fb057c370e86b21d5fba30acac3b220ca810c92350bf79b  fleetctl_v4.36.0_linux.tar.gz
4a84d774d070b494032a44781a7a48821ead27ef5c697c81112b3969a81f8273  fleet_v4.36.0_linux.tar.gz
674c8c64cda2f818c8ea09a0c6cb30a110561f21e61ab9da5f9e63ac4bbd8c4e  fleetctl_v4.36.0_macos.zip
a72e95bc5bf7f2c95172734ad5c420ceaaf9bffbb648a69edfada0dab054f0a8  fleetctl_v4.36.0_linux.zip
abe6ae5192e20e5926adb6a1c16cd0e23a77e52701ceb53e2b431358bbdae6ee  fleetctl_v4.36.0_macos.tar.gz
ef8a81b617b55dda21e80f0f9e276d765a3c56e0c37378c897337612206dfbb6  fleetctl_v4.36.0_windows.tar.gz
f142ca28c7c6ac61ede6453c56cbe8cf01d2302c078d194bfe7b68f8008fb229  fleetctl_v4.36.0_windows.zip
Assets 10

fleet-v4.35.2

10 Aug 18:32
@github-actions github-actions
fleet-v4.35.2
39feb96
Compare
Choose a tag to compare
fleet-v4.35.2

Changes

  • Fixed a bug in fleetctl that set the wrong Fleet URL in Windows installers.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for Fleet is available at fleetdm.com/docs.

Binary Checksum

SHA256

15dbea6acb8a23e8686b6240c4b0fe3260aa91b26a2494719d136ebdb4364dbf  fleet_v4.35.2_linux.tar.gz
224d7a47617a3906431c7d56e99a353321055d766a9f040a85346c5a354642f0  fleetctl_v4.35.2_linux.tar.gz
5679ba7b13dd8e2e8d276630d78c2e56ef34b1d1c5425fa80dc7de23e8e5e126  fleetctl_v4.35.2_windows.zip
6c5f649ad5575bc12c0068bca96e70223268494d3668c8196100946c4543fd59  fleetctl_v4.35.2_macos.zip
82f2f2b9e8fd88328fec470400f28b55dc76d1b2174860f56c36e153dd9bd225  fleetctl_v4.35.2_windows.tar.gz
a7539c3bd66832fc48624bffebd4764cf09c089cf69c310f864c5f66478aeee7  fleetctl_v4.35.2_macos.tar.gz
cbc6e6b7c8eb59c745c7f466cb71b06c99ff334d068a872fda2513644ea11eac  fleetctl_v4.35.2_linux.zip
Assets 10

fleet-v4.35.1

04 Aug 22:34
@github-actions github-actions
fleet-v4.35.1
8796316
Compare
Choose a tag to compare
fleet-v4.35.1

Changes

  • Fixed a migration to account for columns with NULL values as a result of either creating schedules via the API without providing all values or by a race condition with database replicas.

  • Fixed a bug that occurred when a user tried to create a custom query from the "query" action on a host's details page.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for Fleet is available at fleetdm.com/docs.

Binary Checksum

SHA256

18279aba31682213d7bcfbba07ef9d53b8c68951595398655035977f58432ad1  fleet_v4.35.1_linux.tar.gz
2e12aadc8cbdc83431da4581590887a786fb99280825376b131c5e632b6af4c1  fleetctl_v4.35.1_windows.zip
5122f8c829b959c6f16070ee88b7085bc3a738f80320f63187162dee04aa49da  fleetctl_v4.35.1_linux.zip
64393100ec0a7a772334e0b49bb6d853434bea329563ecc27b9d507c3e1cc0a2  fleetctl_v4.35.1_macos.zip
91ea672f80a90dbb9c5e070378d9dc3731f4c752c6fc5c8a8cfad108cc2af069  fleetctl_v4.35.1_linux.tar.gz
92251375d9fbfd7f4c9581ee5330d7ad35a2a5cb46afa5932100705cdef9db97  fleetctl_v4.35.1_macos.tar.gz
cad9a8eaca600a640301fb0b3ad486e604806f117050975c1fb0f367f4490b74  fleetctl_v4.35.1_windows.tar.gz
Assets 10

fleet-v4.35.0

01 Aug 16:55
@github-actions github-actions
fleet-v4.35.0
648b25b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: 4AEE18F83AFDEB23
Learn about vigilant mode.
Compare
Choose a tag to compare
fleet-v4.35.0

Changes

  • Combined the query and schedule features to provide a single interface for creating, scheduling, and tweaking queries at the global and team level.

  • Merged all functionality of the schedule page into the queries page.

  • Updated the save query modal to include scheduling-related fields.

  • Updated queries table schema to allow storing scheduling information and configuration in the queries table.

  • Users now able to manage scheduled queries using automations modal.

  • The osquery/config endpoint now includes scheduled queries for the host's team stored in the queries table.

  • Query editor now includes frequency and other advanced options.

  • Updated macOS MDM setup UI in Fleet UI.

  • Changed how team assignment works for the Puppet module, for more details see the README.

  • Allow the Puppet module to read different Fleet URL/token combinations for different environments.

  • Updated server logging for webhook requests to mask URL query values if the query param name includes "secret", "token", "key", "password".

  • Added support for Azure JWT tokens.

  • Set DeferForceAtUserLoginMaxBypassAttempts to 1 in the default FileVault profile installed by Fleet.

  • Added dark and light mode logo uploads and show the appropriate logo to the macOS MDM migration flow.

  • Added MSI installer deployement support through MS-MDM.

  • Added support for Windows MDM STS Auth Endpoint.

  • Added support for installing Fleetd after enrolling through Azure account.

  • Added support for MDM TOS endpoint.

  • Updated the "Platforms" column to the more explicit "Compatible with".

  • Improved delivery of Apple MDM profiles by not re-sending InstallProfile commands if a host switches teams but the profile contents are the same.

  • Improved error handling and messaging of SSO login during AEP(DEP) enrollments.

  • Improved the reporting of the Puppet module to only report as changed profiles that actually changed during a run.

  • Updated ingestion of host detail queries for MDM so hosts that report empty results are counted as "Off".

  • Upgraded Go version to v1.19.11.

  • If a policy was defined with an invalid query, the desktop endpoint now counts that policy as a failed policy.

  • Fixed issue where Orbit repeatedly tries to launch Nudge in the event of a launch error.

  • Fixed Observer + should be able to run any query by clicking create new query.

  • Fixed the styling of the initial setup flow.

  • Fixed URL used to check Gravatar network availability.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for Fleet is available at fleetdm.com/docs.

Binary Checksum

SHA256

21d5632e04f7ebf95e892be298abff9b6da692926a86a94b4b0170558d794164  fleetctl_v4.35.0_linux.tar.gz
4da40b3667932473a3918d83a073cd9c654432624ece8376820db3977ac10780  fleet_v4.35.0_linux.tar.gz
5a4f205ab275e680a9a6b6491d10b38646db6d7f6e36c88faae93f749e85d185  fleetctl_v4.35.0_windows.tar.gz
bbb043ea1bf976cfc0b25bb400f59589d3cc2ca107e5fee7b1b575905960f790  fleetctl_v4.35.0_linux.zip
c726ad0f5027f55323a8f0640daaf8f747e1f68dd3175842d282b28618c458e3  fleetctl_v4.35.0_macos.zip
e65b2c08f7fd7c970b5ea1c223ba39267509c4e6efeee4cd7c9d37a3ad999852  fleetctl_v4.35.0_windows.zip
fa11cdbf925b810dbfbd59640555a22bba88c2f0c67bd5beb4dbd6972517d77c  fleetctl_v4.35.0_macos.tar.gz
Assets 10