3.9.0

Changes

• Add configurable host identifier to help with duplicate host enrollment scenarios. By default, Fleet's behavior does not change (it uses the identifier configured in osquery's --host_identifier flag), but for users with overlapping host UUIDs changing --osquery_host_identifier to instance may be helpful.

• Make cool-down period for host enrollment configurable to control load on the database in scenarios in which hosts are using the same identifier. By default, the cooldown is off, reverting to the behavior of Fleet <=3.4.0. The cooldown can be enabled with --osquery_enroll_cooldown.

• Refresh the Fleet UI with a new layout and horizontal navigation bar.

• Trim down the size of Fleet binaries.

• Improve handling of config_refresh values from osquery clients.

• Fix an issue with IP addresses and host additional info dropping.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/3.9.0/docs/README.md

Binary Checksum

SHA256

55261bd63612b21e14e8bcefbd95bd1a5453549c3080924845319e22cddf2bb7  fleet.zip
b71492d064e9baf01624a2a54d56bbf6cde73a6820734035e69aa6e68cd44382  fleetctl.exe.zip
9708469b67bcb2cbc739a96098a646c9183b0e79f1d15ea30ee31a22a3c74b0c  fleetctl-macos.tar.gz
eaf99180eb504cba8d4625ddc572faa14ec27730aee8a9de8a8028502cb11238  fleetctl-windows.tar.gz
4ffd6f942f0d94cca15a56f4d543563553229d2d1f872d216cb1a4487a306aa5  fleetctl-linux.tar.gz

3.8.0

Changes

• Add search, sort, and column selection in the hosts dashboard.

• Add AWS Lambda logging plugin.

• Improve messaging about number of hosts responding to live query.

• Update host listing API endpoints to support search.

• Fixes to the fleetctl preview experience.

• Fix denylist parameter in scheduled queries.

• Fix an issue with errors table rendering on live query page.

• Deprecate KOLIDE_ environment variable prefixes in favor of FLEET_ prefixes. Deprecated prefixes continue to work and the Fleet server will log warnings if the deprecated variable names are used.

• Deprecate /api/v1/kolide routes in favor of /api/v1/fleet. Deprecated routes continue to work and the Fleet server will log warnings if the deprecated routes are used.

• Add Javascript source maps for development.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/3.8.0/docs/README.md

Binary Checksum

SHA256

e93f7efb13387f6fa538d253a088d719af7895a4002ca146b22bd7ca007703a9  fleet.zip
6f352ab40d37b672990f42ea1704aedcefdb048f262e410428dc54b50e7df109  fleetctl.exe.zip
2ac4c0e9fbdac3f8ec4fa586157ab87cd4fd3767bd3cc9534a2733e472232908  fleetctl-macos.tar.gz
79c503cc3e1baf46a359d91f79c815d382ca3f8fc25f7cbc1d35655d3e131de3  fleetctl-windows.tar.gz
0900d5e9d09e19811cfba40f8cb7fc9bd42d8e2917a20e1145bacfb3f4e08648  fleetctl-linux.tar.gz

3.7.4

Changes

This is a fleetctl only release with fixes to the fleetctl preview experience. Existing Fleet users need not upgrade to fleetctl 3.7.4.

Binary Checksum

SHA256

ba9032b18676ec853dc3324fbf6d2f371b1dcbe5b6697b0e6117f9035a7c58cd  fleetctl.exe.zip
6d512d09dce738b0d6de157b75c7379ed43ac2b9301a6e193453d4580c1b2336  fleetctl-macos.tar.gz
6a542901d6b0100fbbacac99eba826eb3c9b7c0c1a048df2c3e0b19e14e22e1c  fleetctl-windows.tar.gz
9ab1c9aefba6c918612dd9a32f959cd729a721d00ada40105a0bafe87ae3cb35  fleetctl-linux.tar.gz

3.7.1

Read the blog post: https://medium.com/fleetdm/fleet-3-7-1-d4c83f6875ac

Changes

• Change the default --server_tls_compatibility to intermediate. The new settings caused TLS connectivity issues for users in some environments. This new default is a more appropriate balance of security and compatibility, as recommended by Mozilla.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/3.7.1/docs/README.md

Binary Checksum

SHA256

f23dc4436969abd1053657c8894ec172de046e88e5cf1fd3597f7a3dba80046e  fleet.zip
9cac01f32141275928506d5c1d72bb443f6cbf8c346a233b7bb082779ddae1db  fleetctl.exe.zip
2df72ca82b0fefac56739fa11b8879a45af7189757f32d72ebc122c1b49fcb2a  fleetctl-macos.tar.gz
1c3094ac86dd58f7b0a91c1ef4afcd1aadd9f642fb694322fb2277f859a662e5  fleetctl-windows.tar.gz
d0fdac75fdf1908c1558f4e91433dd30aa8897708fb5194c5d880bdd7961a0ed  fleetctl-linux.tar.gz

3.7.0

Changes

This is a security release.

• Security: Fixed a vulnerability in which a malicious actor with a valid node key can send a badly formatted request that causes the Fleet server to exit, resulting in denial of service. See GHSA-xwh8-9p3f-3x45 and the linked content within that advisory.

• Add new Host details page which includes a rich view of a specific host’s attributes.

• Reveal live query errors in the Fleet UI and fleetctl to help target and diagnose hosts that fail.

• Add Helm chart to make it easier for users to deploy to Kubernetes.

• Add support for denylist parameter in scheduled queries.

• Add debug flag to fleetctl that enables logging of HTTP requests and responses to stderr.

• Improvements to the fleetctl preview experience that include adding containerized osquery agents, displaying login information, creating a default directory, and checking for Docker daemon status.

• Add improved error handling in host enrollment to make debugging issues with the enrollment process easier.

• Upgrade TLS compatibility settings to match Mozilla.

• Add comments in generated flagfile to add clarity to different features being configured.

• Fix a bug in Fleet UI that allowed user to edit a scheduled query after it had been deleted from a pack.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/3.7.0/docs/README.md

Binary Checksum

SHA256

58fd16818e6062fda819fab0aa5629a6292fc48f50427172d1aac08a46272a30  fleet.zip
84cebe3a7837e77ec5f9384f8a4bed9e14e86ee0adc5f54f522c8ca148a8a3c9  fleetctl.exe.zip
cd72f9089b3c28122483de6edcd958d57748ee1592037ceb296ffea9ef9fd64e  fleetctl-macos.tar.gz
ba29a3555336e728e268efbe30b08f5be9046ef2e7f38d47469299ab3728f7f9  fleetctl-windows.tar.gz
7535bf71359e02703720acb7a3e9d2fb2bbb74690408e2348bf631ebeafed774  fleetctl-linux.tar.gz

3.6.0

Changes

• Add the option to set up an S3 bucket as the storage backend for file carving.

• Build Docker container with Fleet running as non-root user.

• Add support to read in the MySQL password and JWT key from a file.

• Improve the fleetctl preview experience by automatically completing the setup process and configuring fleetctl for users.

• Restructure the documentation into three top-level sections titled "Using Fleet," "Deployment," and "Contribution."

• Fix a bug that allowed hosts to enroll with an empty enroll secret in new installations before setup was completed.

• Fix a bug that made the query editor render strangely in Safari.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/3.6.0/docs/README.md

Binary Checksum

SHA256

ca0e73bbe6773d79e75766947718d883bbf924558237785a7ae7cc25815bd5d5  fleet.zip
996c27e4964ddd285e5678f8e43f4c66c938054f3a30d28502621371ce6f711e  fleetctl.exe.zip
4ab4f7d976099c7e1c30d17972caf87e9a8281503b45f413388972713e15692d  fleetctl-linux.tar.gz
d50a9a99b9d5b77132fe11597f1783a4ecaf3f2200f058740d5c963583d92ebb  fleetctl-macos.tar.gz
e904ac8190e76628bf03893fcd4e678e571dccb771d8863abbb95356f0d1d073  fleetctl-windows.tar.gz

3.5.1

This is a security release.

Changes

• Security: Introduce XML validation library to mitigate Go stdlib XML parsing vulnerability effecting SSO login. See GHSA-w3wf-cfx3-6gcx and the linked content within that advisory.

Follow up: Rotate --auth_jwt_key to invalidate existing sessions. Audit for suspicious activity in the Fleet server.

• Security: Prevent new queries from using the SQLite ATTACH command. This is a mitigation for the osquery vulnerability GHSA-4g56-2482-x7q8.

Follow up: Audit existing saved queries and logs of live query executions for possible malicious use of ATTACH. Upgrade osquery to 4.6.0 to prevent ATTACH queries from executing.

• Update icons and fix hosts dashboard for wide screen sizes.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/3.5.1/docs/README.md

Binary Checksum

SHA256

1476e27814861bc7964f1c0db122cb156d56996f1612518c330c522ba24368f4  fleet.zip
0adf9b70e6e1099d3c0d026b984a78996c2d1badb3884b4da7e5b1ca7f90fc3f  fleetctl.exe.zip
beab8bad8d48a3f7a4712610b1ba460ec8952f108337b02d709dc7aacd956ebe  fleetctl-macos.tar.gz
aabc45c718bc5286e0cb9bbb3b2afa9d9443e5089a33fdcee47c099b4b5f94af  fleetctl-windows.tar.gz
14da11eb9b389d13fd1e84888590fbf860491758fa251da0d7b86f5a5ad7ad74  fleetctl-linux.tar.gz

3.5.0

Changes

• Refresh the Fleet UI with new colors, fonts, and Fleet logos.

• All releases going forward will have the fleectl.exe.zip on the release page.

• Add documentation for the authentication Fleet REST API endpoints.

• Add FAQ answers about the stress test results for Fleet, configuring labels, and resetting auth tokens.

• Fixed a performance issue users encountered when multiple hosts shared the same UUID by adding a one minute cooldown.

• Improve the fleetctl preview startup experience.

• Fix a bug preventing the same query from being added to a scheduled pack more than once in the Fleet UI.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/3.5.0/docs/README.md

Binary Checksum

SHA256

053ff94a9e076e7fcf9be1f64e5cd5c3f6670623c2b03030bc4d9a7caa42f785  fleet.zip
7fdfb62ce2879061999ac6f98860981cbad8863dbed33c22a33e0e944c623912  fleetctl.exe.zip
88de3fa6189a952a7f515e0a8b565571ab421d852e93c10a53101243c4d6036d  fleetctl-linux.tar.gz
e4f1b683963e4404d46b605150de6edd1db32bfb7d7a31f8da1298a3cde880cd  fleetctl-macos.tar.gz
614a252881ffecb7f933b1df3bc87cd87cab2bf8443743cef1133ae63a91e2ba  fleetctl-windows.tar.gz

3.4.0

Changes

• Add NPM installer for fleetctl. Install via npm install -g osquery-fleetctl.

• Add fleetctl preview command to start a local test instance of the Fleet server with Docker.

• Add fleetctl debug commands and API endpoints for debugging server performance.

• Add additional_info_filters parameter to get hosts API endpoint for filtering returned additional_info.

• Updated package import paths from github.com/kolide/fleet to github.com/fleetdm/fleet.

• Add first of the Fleet REST API documentation.

• Add documentation on monitoring with Prometheus.

• Add documentation to FAQ for debugging database connection errors.

• Fix fleetctl Windows compatibility issues.

• Fix a bug preventing usernames from containing the @ symbol.

• Fix a bug in 3.3.0 in which there was an unexpected database migration warning.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/3.4.0/docs/README.md

Binary Checksum

SHA256

94934a4e5df1297f86b67cfb20abc026aa34f61d1035ae092781216aa1658a2d  fleet.zip
4b3a60cc780969729816525accc4ff21de51ef2edd3cd5492d0221e3e59a0ba3  fleetctl.exe.zip
c2d16c0654f3f0210969b2c478e841895b5cb885c64bdff60466de0d9920d556  fleetctl-macos.tar.gz
1ae03a5ce8923bea53d82459dc5202fec934665aba148f17168d893c54de375a  fleetctl-windows.tar.gz
5464d39f5dba4e759f1d15c881de99387bc34053546010ec5d645b88b1c1d88c  fleetctl-linux.tar.gz

3.3.0

With this release, Fleet has moved to the new github.com/fleetdm/fleet repository. Please follow changes and releases there.

Changes

• Add file carving functionality.

• Add fleetctl user create command.

• Add osquery options editor to admin pages in UI.

• Add fleetctl query --pretty option for pretty-printing query results.

• Add ability to disable packs with fleetctl apply.

• Improve "Add New Host" dialog to walk the user step-by-step through host enrollment.

• Improve 500 error page by allowing display of the error.

• Partial transition of branding away from "Kolide Fleet".

• Fix an issue with case insensitive enroll secret and node key authentication.

• Fix an issue with fleetctl query --quiet flag not actually suppressing output.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/3.3.0/docs/README.md

Binary Checksums

SHA256

f718e46f6dbcbc06c2f08dafa493fb042b4ec8cab738f8991a402cc39064677b  fleet.zip
5c51afc740db3f0dd924235e0edbd1f7589be51bd5109b8184764eff6cbb2325  fleetctl-macos.tar.gz
2c142633139776c307a2273fe7e9df00d2d485e4d3684a71d960f2d167f85d5f  fleetctl-windows.tar.gz
9b5a8bec64cfedc5a0d36d7b9cc02887516fc350558e163162cf73a85b9a5015  fleetctl-linux.tar.gz