Skip to content

Releases: nilsteampassnet/TeamPass

Teampass 3.0.0.11

03 Mar 05:26
Compare
Choose a tag to compare

Please ALWAYS download from the latest commit as this project is evolving regularly.

What's new

This release embeds next fixes:

  • Fix some inconsistencies in upgrade process
  • Add icon customization for folders and items based upon Font Awesome
  • Fix inconsistencies in usage of folders and roles management
  • Fix for CSV importation
  • Improved user auth password change
  • Updated libraries inputmask, jsTree, adminlte
  • Fix SQL injections discovered by Andrey Medov (Positive Technologies)
  • Fix some responsive issues with tables
  • Full list of changes: 3.0.0.10 -> 3.0.0.11

Limitation

All language strings are not yet updated.
Please join Teampass v3 translation project on Poeditor and participate in its translation in your language.

Upgrading from 2.1.27.36

The process might take a long time. Indeed, the encryption process has totally changed for improving the security.
Please have a look at the new encryption process schematic.
As a consequence, the upgrade process will regenerate all the expected keys for all items and users, which might take a long time.

Any feedback is very welcome.

Teampass 3.0.0.10

06 Feb 19:51
Compare
Choose a tag to compare

This release is recommended for any newcomer.

Please ALWAYS download from the latest commit as this project is evolving regularly.

What's new

This release embeds next fixes:

  • Upgrade process improved
  • Updated LDAPRecord library
  • All languages can now be selected
  • Several cosmetic fixes
  • Logs purge improvements
  • Added buttons to quickly navigate between items of same folder in 'item view mode'
  • Fix users management synched with ldap
  • Fixed google authentication
  • Full list of changes: 3.0.0.9 -> 3.0.0.10

Limitation

All language strings are not yet updated.
Please join Teampass v3 translation project on Poeditor and participate in its translation in your language.

Upgrading from 2.1.27.36

The process might take a long time. Indeed, the encryption process has totally changed for improving the security.
Please have a look at the new encryption process schematic.
As a consequence, the upgrade process will regenerate all the expected keys for all items and users, which might take a long time.

Any feedback is very welcome.

Teampass 3.0.0.9

08 Jan 14:57
Compare
Choose a tag to compare

This release is recommended for any newcomer.

Please ALWAYS download from the latest commit as this project is evolving regularly.

What's new

This release embeds next fixes:

  • Upgrade process is now available (from 2.1.27.36)
  • Updated PHPMailer library
  • Fix message "item changed and not saved" while exiting an item

Limitation

Only English language is available. Don't change the language!
Please join Teampass v3 translation project on Poeditor and participate in its translation in your language.

Upgrading from 2.1.27.36

The process might take a long time. Indeed, the encryption process has totally changed for improving the security.
Please have a look at the new encryption process schematic.
As a consequence, the upgrade process will regenerate all the expected keys for all items and users, which might take a long time.

Any feedback is very welcome.

Teampass 3.0.0.8

29 Jul 07:12
Compare
Choose a tag to compare

This release is recommended for any new comer to Teampass.
It could also be tested by users from Teampass 2.x but currently the import process is not finalized.

Only English language is available. Don't change the language!

This release includes a lot of small fixes and updates.
Nevertheless the most significant update concerns the LDAP users management.

Teampass 3.0.0.7

29 Nov 07:06
Compare
Choose a tag to compare

This release is a beta version.
It is recommended for new users to start from using this version.
Currently update from latest 2.X is not finalized.

Only English language is available. Don't change the language!

Updated jQuery libraries
Fix for #2826, #2827, #2828, #2829, #2830, #2832, #2831, #2839, #2837, #2833, #2834,
Implementing LDAPRecord:

  • users are auth via LDAP
  • simple synchronization of users from AD to Teampass

Release 2.1.27.36

30 May 15:20
Compare
Choose a tag to compare

Refer to changelog file to know main changes in Release 2.1.27.

New during upgrade

When upgrading, you need to indicate a valid administrator name/password, and you will also need to copy the saltkey into a password filed. It will be saved inside your database.
No database data are shown anymore. If the database information are changing, you need to update the file /includes/config/settings.php before starting upgrade.
IMPORTANT NOTE for users that have migrated to 2.1.27.0 and that have file encryption option enabled

Files encryption process have completely being reworked. Before upgrading, please do the next:

  • open upload folder
  • copy existing files in a temporary folder
  • restore the files from a backup of a previous version (for example 2.1.26)
  • start upgrade

Newly introduced since 2.1.27.36

This update just need the files to be overwritten. No need to run upgrade.php.

#2601 Cannot delete any password entries/items
#2564 Permissions problem
#2469 Export of credentials

Newly introduced since 2.1.27.35

#2564 Permissions problem
#2563 Unable to add item via API
#2560 Fix an issue for one time password changes if current user is not root
#2536 low 40bit RC4 - pdf export?
#2505 Update readme.md
#2503 Update Dockerfile to use $uri and $args variables
#2439 Allow RFC2307bis group membership checks.

Newly introduced since 2.1.27.34

#2549 Missing library
#2534 Syntax error in share permissions

Newly introduced since 2.1.27.33

#2458 Items folder automatically changes to the personal one
#2156 #2183 Issue with cyrillic in exported files (PDF, CSV)

Newly introduced since 2.1.27.32

#2513 Error for login with DUOSecurity

Newly introduced since 2.1.27.31

#2511 LDAP Password change: old PW still valid
#2507 On user password change (from Users management page), email is not sent
#2499 Weird folders on first login with LDAP user
#2494 Upgrade error on config key 'bck_script_key' with single quote character
#2295 no edit possible if an folder added in the Allowed Folders

Newly introduced since 2.1.27.30

#2486 Editing roles on users wipes dissimilar roles
#2458 Items folder automatically changes to the personal one
#2472 Nginx webroot is incorrect in Docker image. Fixed by merging #2477

Newly introduced since 2.1.27.29

#2467, #2465 Cant login with normal user with hacking attempt message

Newly introduced since 2.1.27.28

#2461 Install procedure failing
#2457 Endless DB upgrade loop when upgrading

Newly introduced since 2.1.27.27

#2456 Postpone treatment to get user location (ipapi.co usage)
#2431 Correct item creation/edit tab label

Newly introduced since 2.1.27.26

#2453 account creation... password sent in email is "undefined"
#2455 Unable to login after upgrade from 2.1.27.23 => 2.1.27.25

Newly introduced since 2.1.27.25

#2454 Update from 2.1.27.23 to 2.1.27.24 doesn't work

Newly introduced since 2.1.27.24

#2452 Fix API URL
#2438 Add new user fails due to missing default for not null fields
#2436 Undefined variable: user_id in api/functions.php
#2432 Empty item URL automatically fills with 'https://'
#2426 New option to force admin user to get connect using 2 factor code
#2416 Backslash in user's password
#2401 New LDAP account has full access when they log in for the first time

/!\This new version fixes a very old design choice regarding the encoding of user names. It may impacts your users in some specific cases. The fix consists in authenticating twice.

Newly introduced since 2.1.27.23

#2419 Cannot show password by using item menu bars entry
#2418 Generatinga new password for a user fails with error
#2403 Cannot Login using LDAP user

Newly introduced since 2.1.27.22

#2408 Password complexity not enforced
#2326 link copy doesn't work corectly

Newly introduced since 2.1.27.21

#2398 User unable to change their own password from profile window
#2395 php warning in logs
#2376 fix link in readme

Newly introduced since 2.1.27.20

#2394 knowledge base page characters appear with "?"
#2393 After Deleting User, KB Is Blank
#2380 Increase fields size to prevent errors
#2372 Upload a file with dash in file name wil be renamed with underscore
Fix: loading folder information is wrong when using 'max'
Fix: error message item already exits culd appear on item edition
Security fix - Sanitized GET values in case of user password recovery (credit for Adam Roberts from http://www.nccgroup.trust/)

Newly introduced since 2.1.27.19

#2379 Setting "Number of items to retrieve per query" to Max

Newly introduced since 2.1.27.18

#2378 Personal sub-subfolders do not appear
#2373 Internal Server Error 500 Profile Window

Newly introduced since 2.1.27.17

#2367 Incorrect import into personal folder
#2364 Using another protocol than HTTP for the URL is not possible
#2362 Removed excess item id from API url add/item
#2360 Show logs without any auth
#2355 Return the parent folder ids on API call read/userfolders
#2353 Generate Password not working - wrong POST field
#2349 Folder with flag "allow empty password" says "Insufficient password strenght" on item edition
#2347 Disable "Forgot Password?" link feature not working
#2346 [CSV-Import] convert field to string bevore using replace()
#2345 restore, enter decrypt key then system logs out
#2341 API - Incorrect update item parameters decoding
#2334 error adding entry with the same name then another entry in a different folder
#2314 SQL error in API near user name
#2312 API Issue adding folder on root
#2290 Protection of OTV page errors
#2298 support for login through http header
#2265 API - Add item - comma separated base64 encoded string
Fix - in bug report, the email password is visible
Fix - 'Hide inaccessible password folder' doesn't work in all cases
Security fix - DUO codes are sanitized (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Through URL some operations were possible with no user rights check (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Backup key is generated by default (credit for Adam Roberts from http://www.nccgroup.trust/)

Newly introduced since 2.1.27.16

New - Added folders filter in Manage Roles page
New - Added folders alphabet filter in Manage Folders page
#2279 Google Authentication no link
#2277 Import fails when Login: / Account: has a backslash inside of it
#2274 Import from csv-list includes items that are marked as already imported
#2263 New upload settings to permit empty files and/or any extensions to be uploaded

Newly introduced since 2.1.27.15

#2266 Google 2FA mail for temporary code is blank

Newly introduced since 2.1.27.14

Fix for missing install/upgrade instructions

Newly introduced since 2.1.27.13

New - Templating system based upon Custom Fields
#2256 User can select his 2FA methods if several selected
#2253 Google Authenticator not working
#2248 Item suggestion is not available from Regular User
#2246 Copy folder does not copy rights structure
#2245 TeamPass 2FA QR Code won't show after providing activiation code
#2244 html entities get interpreted inside passwords

Newly introduced since 2.1.27.12

Added new option permitting to enable secure image preview
Added warning to user if login attempts identified since last successful connection
Added Yubico support for 2FA authentication
Added restriction access to Custom Fields
Added textarea format for custom field
Improved the possibility to move files folder outside of Teampass Domain
Improved user creation with LDAP and Google and DUO 2FA
Improved log in case of failed authentication - used login is shown
Improved syslog message format
Updated library PHPMailer to 5.5
#2223 Error while using php v5.6
#2206 New ldap user and ad password change
#2204 Password copy - cryptic log entry using syslog
#2202 Search functionality - no log entry upon display
#2201 Search functionality - password shown in plaintext
#2198 Hang when changing second folder password strength and required password strength
#2196 API create item fails when Base64 encoding contains "/"
#2192 Encrypted Files Are Stored (Temporary) in Plaintext And Can Be Downloaded Without Authorization
#2191 Bad redirection to login form on password recovery process
#2189 (Google) 2FA Does Not Work With LDAP (Windows / Active Directory)

Newly introduced since 2.1.27.11

Changed licensing to GNU GPL-3.0
New - User must provide a reason to access a restricted item
New - Add option to have local and remote accounts when LDAP is enabled
Improved security of password generator with php7
Improved cannot edit user without email
Improved read-only user limitation to copy folder and import action
Improved tree rebuild with API on folders change
Improved tables primary and index usage
Improved LDAP new user by default role
Improved visibility of path in items list result
Improved email body with item path
Introduced an API key by user
Fix for API keys truncated
Fix offline password dispay in case of html tags similar in password
Fix failed folder creation in case of password complexity not reached
Fix missing quick icons in search results
#2175 Apostrophes are not handled correctly in usernames
#2174 Offline mode file bypass read right restrictions
#2172 2FA Reset Link Can Be Abused
#2168 API for adding users is not working
#2167 Info tab is not working if behind a proxy
#2161 Missing backslash in acount name
#2160 Added a test for preventing Folders list not shown
#2154 Personal saltkey is not stored when option enabled
#2153 [{"error":"no_key_provided"} when running backup script on teampass container
#2152 No search result and empty popup appear
#2151 Error in knowledge base th...

Read more

Release 2.1.27.35

17 Mar 19:26
Compare
Choose a tag to compare

Refer to changelog file to know main changes in Release 2.1.27.

New during upgrade

When upgrading, you need to indicate a valid administrator name/password, and you will also need to copy the saltkey into a password filed. It will be saved inside your database.
No database data are shown anymore. If the database information are changing, you need to update the file /includes/config/settings.php before starting upgrade.
IMPORTANT NOTE for users that have migrated to 2.1.27.0 and that have file encryption option enabled

Files encryption process have completely being reworked. Before upgrading, please do the next:

  • open upload folder
  • copy existing files in a temporary folder
  • restore the files from a backup of a previous version (for example 2.1.26)
  • start upgrade

Newly introduced since 2.1.27.35

#2564 Permissions problem
#2563 Unable to add item via API
#2560 Fix an issue for one time password changes if current user is not root
#2536 low 40bit RC4 - pdf export?
#2505 Update readme.md
#2503 Update Dockerfile to use $uri and $args variables
#2439 Allow RFC2307bis group membership checks.

Newly introduced since 2.1.27.34

#2549 Missing library
#2534 Syntax error in share permissions

Newly introduced since 2.1.27.33

#2458 Items folder automatically changes to the personal one
#2156 #2183 Issue with cyrillic in exported files (PDF, CSV)

Newly introduced since 2.1.27.32

#2513 Error for login with DUOSecurity

Newly introduced since 2.1.27.31

#2511 LDAP Password change: old PW still valid
#2507 On user password change (from Users management page), email is not sent
#2499 Weird folders on first login with LDAP user
#2494 Upgrade error on config key 'bck_script_key' with single quote character
#2295 no edit possible if an folder added in the Allowed Folders

Newly introduced since 2.1.27.30

#2486 Editing roles on users wipes dissimilar roles
#2458 Items folder automatically changes to the personal one
#2472 Nginx webroot is incorrect in Docker image. Fixed by merging #2477

Newly introduced since 2.1.27.29

#2467, #2465 Cant login with normal user with hacking attempt message

Newly introduced since 2.1.27.28

#2461 Install procedure failing
#2457 Endless DB upgrade loop when upgrading

Newly introduced since 2.1.27.27

#2456 Postpone treatment to get user location (ipapi.co usage)
#2431 Correct item creation/edit tab label

Newly introduced since 2.1.27.26

#2453 account creation... password sent in email is "undefined"
#2455 Unable to login after upgrade from 2.1.27.23 => 2.1.27.25

Newly introduced since 2.1.27.25

#2454 Update from 2.1.27.23 to 2.1.27.24 doesn't work

Newly introduced since 2.1.27.24

#2452 Fix API URL
#2438 Add new user fails due to missing default for not null fields
#2436 Undefined variable: user_id in api/functions.php
#2432 Empty item URL automatically fills with 'https://'
#2426 New option to force admin user to get connect using 2 factor code
#2416 Backslash in user's password
#2401 New LDAP account has full access when they log in for the first time

/!\This new version fixes a very old design choice regarding the encoding of user names. It may impacts your users in some specific cases. The fix consists in authenticating twice.

Newly introduced since 2.1.27.23

#2419 Cannot show password by using item menu bars entry
#2418 Generatinga new password for a user fails with error
#2403 Cannot Login using LDAP user

Newly introduced since 2.1.27.22

#2408 Password complexity not enforced
#2326 link copy doesn't work corectly

Newly introduced since 2.1.27.21

#2398 User unable to change their own password from profile window
#2395 php warning in logs
#2376 fix link in readme

Newly introduced since 2.1.27.20

#2394 knowledge base page characters appear with "?"
#2393 After Deleting User, KB Is Blank
#2380 Increase fields size to prevent errors
#2372 Upload a file with dash in file name wil be renamed with underscore
Fix: loading folder information is wrong when using 'max'
Fix: error message item already exits culd appear on item edition
Security fix - Sanitized GET values in case of user password recovery (credit for Adam Roberts from http://www.nccgroup.trust/)

Newly introduced since 2.1.27.19

#2379 Setting "Number of items to retrieve per query" to Max

Newly introduced since 2.1.27.18

#2378 Personal sub-subfolders do not appear
#2373 Internal Server Error 500 Profile Window

Newly introduced since 2.1.27.17

#2367 Incorrect import into personal folder
#2364 Using another protocol than HTTP for the URL is not possible
#2362 Removed excess item id from API url add/item
#2360 Show logs without any auth
#2355 Return the parent folder ids on API call read/userfolders
#2353 Generate Password not working - wrong POST field
#2349 Folder with flag "allow empty password" says "Insufficient password strenght" on item edition
#2347 Disable "Forgot Password?" link feature not working
#2346 [CSV-Import] convert field to string bevore using replace()
#2345 restore, enter decrypt key then system logs out
#2341 API - Incorrect update item parameters decoding
#2334 error adding entry with the same name then another entry in a different folder
#2314 SQL error in API near user name
#2312 API Issue adding folder on root
#2290 Protection of OTV page errors
#2298 support for login through http header
#2265 API - Add item - comma separated base64 encoded string
Fix - in bug report, the email password is visible
Fix - 'Hide inaccessible password folder' doesn't work in all cases
Security fix - DUO codes are sanitized (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Through URL some operations were possible with no user rights check (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Backup key is generated by default (credit for Adam Roberts from http://www.nccgroup.trust/)

Newly introduced since 2.1.27.16

New - Added folders filter in Manage Roles page
New - Added folders alphabet filter in Manage Folders page
#2279 Google Authentication no link
#2277 Import fails when Login: / Account: has a backslash inside of it
#2274 Import from csv-list includes items that are marked as already imported
#2263 New upload settings to permit empty files and/or any extensions to be uploaded

Newly introduced since 2.1.27.15

#2266 Google 2FA mail for temporary code is blank

Newly introduced since 2.1.27.14

Fix for missing install/upgrade instructions

Newly introduced since 2.1.27.13

New - Templating system based upon Custom Fields
#2256 User can select his 2FA methods if several selected
#2253 Google Authenticator not working
#2248 Item suggestion is not available from Regular User
#2246 Copy folder does not copy rights structure
#2245 TeamPass 2FA QR Code won't show after providing activiation code
#2244 html entities get interpreted inside passwords

Newly introduced since 2.1.27.12

Added new option permitting to enable secure image preview
Added warning to user if login attempts identified since last successful connection
Added Yubico support for 2FA authentication
Added restriction access to Custom Fields
Added textarea format for custom field
Improved the possibility to move files folder outside of Teampass Domain
Improved user creation with LDAP and Google and DUO 2FA
Improved log in case of failed authentication - used login is shown
Improved syslog message format
Updated library PHPMailer to 5.5
#2223 Error while using php v5.6
#2206 New ldap user and ad password change
#2204 Password copy - cryptic log entry using syslog
#2202 Search functionality - no log entry upon display
#2201 Search functionality - password shown in plaintext
#2198 Hang when changing second folder password strength and required password strength
#2196 API create item fails when Base64 encoding contains "/"
#2192 Encrypted Files Are Stored (Temporary) in Plaintext And Can Be Downloaded Without Authorization
#2191 Bad redirection to login form on password recovery process
#2189 (Google) 2FA Does Not Work With LDAP (Windows / Active Directory)

Newly introduced since 2.1.27.11

Changed licensing to GNU GPL-3.0
New - User must provide a reason to access a restricted item
New - Add option to have local and remote accounts when LDAP is enabled
Improved security of password generator with php7
Improved cannot edit user without email
Improved read-only user limitation to copy folder and import action
Improved tree rebuild with API on folders change
Improved tables primary and index usage
Improved LDAP new user by default role
Improved visibility of path in items list result
Improved email body with item path
Introduced an API key by user
Fix for API keys truncated
Fix offline password dispay in case of html tags similar in password
Fix failed folder creation in case of password complexity not reached
Fix missing quick icons in search results
#2175 Apostrophes are not handled correctly in usernames
#2174 Offline mode file bypass read right restrictions
#2172 2FA Reset Link Can Be Abused
#2168 API for adding users is not working
#2167 Info tab is not working if behind a proxy
#2161 Missing backslash in acount name
#2160 Added a test for preventing Folders list not shown
#2154 Personal saltkey is not stored when option enabled
#2153 [{"error":"no_key_provided"} when running backup script on teampass container
#2152 No search result and empty popup appear
#2151 Error in knowledge base that does not show option to swap pages
#2140 Moving subfolder to root level not possible
#2127 Grant access with simple folder copy
#2118 Empty user at Keepass file is not empty after import
#2116 Insufficient password stren...

Read more

Release 2.1.27.34

06 Mar 17:38
Compare
Choose a tag to compare

Refer to changelog file to know main changes in Release 2.1.27.

New during upgrade

When upgrading, you need to indicate a valid administrator name/password, and you will also need to copy the saltkey into a password filed. It will be saved inside your database.
No database data are shown anymore. If the database information are changing, you need to update the file /includes/config/settings.php before starting upgrade.
IMPORTANT NOTE for users that have migrated to 2.1.27.0 and that have file encryption option enabled

Files encryption process have completely being reworked. Before upgrading, please do the next:

  • open upload folder
  • copy existing files in a temporary folder
  • restore the files from a backup of a previous version (for example 2.1.26)
  • start upgrade

Newly introduced since 2.1.27.34

#2549 Missing library
#2534 Syntax error in share permissions

Newly introduced since 2.1.27.33

#2458 Items folder automatically changes to the personal one
#2156 #2183 Issue with cyrillic in exported files (PDF, CSV)

Newly introduced since 2.1.27.32

#2513 Error for login with DUOSecurity

Newly introduced since 2.1.27.31

#2511 LDAP Password change: old PW still valid
#2507 On user password change (from Users management page), email is not sent
#2499 Weird folders on first login with LDAP user
#2494 Upgrade error on config key 'bck_script_key' with single quote character
#2295 no edit possible if an folder added in the Allowed Folders

Newly introduced since 2.1.27.30

#2486 Editing roles on users wipes dissimilar roles
#2458 Items folder automatically changes to the personal one
#2472 Nginx webroot is incorrect in Docker image. Fixed by merging #2477

Newly introduced since 2.1.27.29

#2467, #2465 Cant login with normal user with hacking attempt message

Newly introduced since 2.1.27.28

#2461 Install procedure failing
#2457 Endless DB upgrade loop when upgrading

Newly introduced since 2.1.27.27

#2456 Postpone treatment to get user location (ipapi.co usage)
#2431 Correct item creation/edit tab label

Newly introduced since 2.1.27.26

#2453 account creation... password sent in email is "undefined"
#2455 Unable to login after upgrade from 2.1.27.23 => 2.1.27.25

Newly introduced since 2.1.27.25

#2454 Update from 2.1.27.23 to 2.1.27.24 doesn't work

Newly introduced since 2.1.27.24

#2452 Fix API URL
#2438 Add new user fails due to missing default for not null fields
#2436 Undefined variable: user_id in api/functions.php
#2432 Empty item URL automatically fills with 'https://'
#2426 New option to force admin user to get connect using 2 factor code
#2416 Backslash in user's password
#2401 New LDAP account has full access when they log in for the first time

/!\This new version fixes a very old design choice regarding the encoding of user names. It may impacts your users in some specific cases. The fix consists in authenticating twice.

Newly introduced since 2.1.27.23

#2419 Cannot show password by using item menu bars entry
#2418 Generatinga new password for a user fails with error
#2403 Cannot Login using LDAP user

Newly introduced since 2.1.27.22

#2408 Password complexity not enforced
#2326 link copy doesn't work corectly

Newly introduced since 2.1.27.21

#2398 User unable to change their own password from profile window
#2395 php warning in logs
#2376 fix link in readme

Newly introduced since 2.1.27.20

#2394 knowledge base page characters appear with "?"
#2393 After Deleting User, KB Is Blank
#2380 Increase fields size to prevent errors
#2372 Upload a file with dash in file name wil be renamed with underscore
Fix: loading folder information is wrong when using 'max'
Fix: error message item already exits culd appear on item edition
Security fix - Sanitized GET values in case of user password recovery (credit for Adam Roberts from http://www.nccgroup.trust/)

Newly introduced since 2.1.27.19

#2379 Setting "Number of items to retrieve per query" to Max

Newly introduced since 2.1.27.18

#2378 Personal sub-subfolders do not appear
#2373 Internal Server Error 500 Profile Window

Newly introduced since 2.1.27.17

#2367 Incorrect import into personal folder
#2364 Using another protocol than HTTP for the URL is not possible
#2362 Removed excess item id from API url add/item
#2360 Show logs without any auth
#2355 Return the parent folder ids on API call read/userfolders
#2353 Generate Password not working - wrong POST field
#2349 Folder with flag "allow empty password" says "Insufficient password strenght" on item edition
#2347 Disable "Forgot Password?" link feature not working
#2346 [CSV-Import] convert field to string bevore using replace()
#2345 restore, enter decrypt key then system logs out
#2341 API - Incorrect update item parameters decoding
#2334 error adding entry with the same name then another entry in a different folder
#2314 SQL error in API near user name
#2312 API Issue adding folder on root
#2290 Protection of OTV page errors
#2298 support for login through http header
#2265 API - Add item - comma separated base64 encoded string
Fix - in bug report, the email password is visible
Fix - 'Hide inaccessible password folder' doesn't work in all cases
Security fix - DUO codes are sanitized (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Through URL some operations were possible with no user rights check (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Backup key is generated by default (credit for Adam Roberts from http://www.nccgroup.trust/)

Newly introduced since 2.1.27.16

New - Added folders filter in Manage Roles page
New - Added folders alphabet filter in Manage Folders page
#2279 Google Authentication no link
#2277 Import fails when Login: / Account: has a backslash inside of it
#2274 Import from csv-list includes items that are marked as already imported
#2263 New upload settings to permit empty files and/or any extensions to be uploaded

Newly introduced since 2.1.27.15

#2266 Google 2FA mail for temporary code is blank

Newly introduced since 2.1.27.14

Fix for missing install/upgrade instructions

Newly introduced since 2.1.27.13

New - Templating system based upon Custom Fields
#2256 User can select his 2FA methods if several selected
#2253 Google Authenticator not working
#2248 Item suggestion is not available from Regular User
#2246 Copy folder does not copy rights structure
#2245 TeamPass 2FA QR Code won't show after providing activiation code
#2244 html entities get interpreted inside passwords

Newly introduced since 2.1.27.12

Added new option permitting to enable secure image preview
Added warning to user if login attempts identified since last successful connection
Added Yubico support for 2FA authentication
Added restriction access to Custom Fields
Added textarea format for custom field
Improved the possibility to move files folder outside of Teampass Domain
Improved user creation with LDAP and Google and DUO 2FA
Improved log in case of failed authentication - used login is shown
Improved syslog message format
Updated library PHPMailer to 5.5
#2223 Error while using php v5.6
#2206 New ldap user and ad password change
#2204 Password copy - cryptic log entry using syslog
#2202 Search functionality - no log entry upon display
#2201 Search functionality - password shown in plaintext
#2198 Hang when changing second folder password strength and required password strength
#2196 API create item fails when Base64 encoding contains "/"
#2192 Encrypted Files Are Stored (Temporary) in Plaintext And Can Be Downloaded Without Authorization
#2191 Bad redirection to login form on password recovery process
#2189 (Google) 2FA Does Not Work With LDAP (Windows / Active Directory)

Newly introduced since 2.1.27.11

Changed licensing to GNU GPL-3.0
New - User must provide a reason to access a restricted item
New - Add option to have local and remote accounts when LDAP is enabled
Improved security of password generator with php7
Improved cannot edit user without email
Improved read-only user limitation to copy folder and import action
Improved tree rebuild with API on folders change
Improved tables primary and index usage
Improved LDAP new user by default role
Improved visibility of path in items list result
Improved email body with item path
Introduced an API key by user
Fix for API keys truncated
Fix offline password dispay in case of html tags similar in password
Fix failed folder creation in case of password complexity not reached
Fix missing quick icons in search results
#2175 Apostrophes are not handled correctly in usernames
#2174 Offline mode file bypass read right restrictions
#2172 2FA Reset Link Can Be Abused
#2168 API for adding users is not working
#2167 Info tab is not working if behind a proxy
#2161 Missing backslash in acount name
#2160 Added a test for preventing Folders list not shown
#2154 Personal saltkey is not stored when option enabled
#2153 [{"error":"no_key_provided"} when running backup script on teampass container
#2152 No search result and empty popup appear
#2151 Error in knowledge base that does not show option to swap pages
#2140 Moving subfolder to root level not possible
#2127 Grant access with simple folder copy
#2118 Empty user at Keepass file is not empty after import
#2116 Insufficient password strength when creating Offline Mode
#2115 Fix script backup issue with encryption key
#2111 Add support for login through http header
#2109 restrict login to Group Ldap don't work
#2102 Changed field renewal_period size
#2096 Offline mode decryption fails if too much items exported
#2095 Can't upload files on items - Plupload update
#2094...

Read more

Release 2.1.27.33

13 Jan 15:12
Compare
Choose a tag to compare

Refer to changelog file to know main changes in Release 2.1.27.

New during upgrade

When upgrading, you need to indicate a valid administrator name/password, and you will also need to copy the saltkey into a password filed. It will be saved inside your database.
No database data are shown anymore. If the database information are changing, you need to update the file /includes/config/settings.php before starting upgrade.
IMPORTANT NOTE for users that have migrated to 2.1.27.0 and that have file encryption option enabled

Files encryption process have completely being reworked. Before upgrading, please do the next:

  • open upload folder
  • copy existing files in a temporary folder
  • restore the files from a backup of a previous version (for example 2.1.26)
  • start upgrade

Newly introduced since 2.1.27.33

#2458 Items folder automatically changes to the personal one
#2156 #2183 Issue with cyrillic in exported files (PDF, CSV)

Newly introduced since 2.1.27.32

#2513 Error for login with DUOSecurity

Newly introduced since 2.1.27.31

#2511 LDAP Password change: old PW still valid
#2507 On user password change (from Users management page), email is not sent
#2499 Weird folders on first login with LDAP user
#2494 Upgrade error on config key 'bck_script_key' with single quote character
#2295 no edit possible if an folder added in the Allowed Folders

Newly introduced since 2.1.27.30

#2486 Editing roles on users wipes dissimilar roles
#2458 Items folder automatically changes to the personal one
#2472 Nginx webroot is incorrect in Docker image. Fixed by merging #2477

Newly introduced since 2.1.27.29

#2467, #2465 Cant login with normal user with hacking attempt message

Newly introduced since 2.1.27.28

#2461 Install procedure failing
#2457 Endless DB upgrade loop when upgrading

Newly introduced since 2.1.27.27

#2456 Postpone treatment to get user location (ipapi.co usage)
#2431 Correct item creation/edit tab label

Newly introduced since 2.1.27.26

#2453 account creation... password sent in email is "undefined"
#2455 Unable to login after upgrade from 2.1.27.23 => 2.1.27.25

Newly introduced since 2.1.27.25

#2454 Update from 2.1.27.23 to 2.1.27.24 doesn't work

Newly introduced since 2.1.27.24

#2452 Fix API URL
#2438 Add new user fails due to missing default for not null fields
#2436 Undefined variable: user_id in api/functions.php
#2432 Empty item URL automatically fills with 'https://'
#2426 New option to force admin user to get connect using 2 factor code
#2416 Backslash in user's password
#2401 New LDAP account has full access when they log in for the first time

/!\This new version fixes a very old design choice regarding the encoding of user names. It may impacts your users in some specific cases. The fix consists in authenticating twice.

Newly introduced since 2.1.27.23

#2419 Cannot show password by using item menu bars entry
#2418 Generatinga new password for a user fails with error
#2403 Cannot Login using LDAP user

Newly introduced since 2.1.27.22

#2408 Password complexity not enforced
#2326 link copy doesn't work corectly

Newly introduced since 2.1.27.21

#2398 User unable to change their own password from profile window
#2395 php warning in logs
#2376 fix link in readme

Newly introduced since 2.1.27.20

#2394 knowledge base page characters appear with "?"
#2393 After Deleting User, KB Is Blank
#2380 Increase fields size to prevent errors
#2372 Upload a file with dash in file name wil be renamed with underscore
Fix: loading folder information is wrong when using 'max'
Fix: error message item already exits culd appear on item edition
Security fix - Sanitized GET values in case of user password recovery (credit for Adam Roberts from http://www.nccgroup.trust/)

Newly introduced since 2.1.27.19

#2379 Setting "Number of items to retrieve per query" to Max

Newly introduced since 2.1.27.18

#2378 Personal sub-subfolders do not appear
#2373 Internal Server Error 500 Profile Window

Newly introduced since 2.1.27.17

#2367 Incorrect import into personal folder
#2364 Using another protocol than HTTP for the URL is not possible
#2362 Removed excess item id from API url add/item
#2360 Show logs without any auth
#2355 Return the parent folder ids on API call read/userfolders
#2353 Generate Password not working - wrong POST field
#2349 Folder with flag "allow empty password" says "Insufficient password strenght" on item edition
#2347 Disable "Forgot Password?" link feature not working
#2346 [CSV-Import] convert field to string bevore using replace()
#2345 restore, enter decrypt key then system logs out
#2341 API - Incorrect update item parameters decoding
#2334 error adding entry with the same name then another entry in a different folder
#2314 SQL error in API near user name
#2312 API Issue adding folder on root
#2290 Protection of OTV page errors
#2298 support for login through http header
#2265 API - Add item - comma separated base64 encoded string
Fix - in bug report, the email password is visible
Fix - 'Hide inaccessible password folder' doesn't work in all cases
Security fix - DUO codes are sanitized (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Through URL some operations were possible with no user rights check (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Backup key is generated by default (credit for Adam Roberts from http://www.nccgroup.trust/)

Newly introduced since 2.1.27.16

New - Added folders filter in Manage Roles page
New - Added folders alphabet filter in Manage Folders page
#2279 Google Authentication no link
#2277 Import fails when Login: / Account: has a backslash inside of it
#2274 Import from csv-list includes items that are marked as already imported
#2263 New upload settings to permit empty files and/or any extensions to be uploaded

Newly introduced since 2.1.27.15

#2266 Google 2FA mail for temporary code is blank

Newly introduced since 2.1.27.14

Fix for missing install/upgrade instructions

Newly introduced since 2.1.27.13

New - Templating system based upon Custom Fields
#2256 User can select his 2FA methods if several selected
#2253 Google Authenticator not working
#2248 Item suggestion is not available from Regular User
#2246 Copy folder does not copy rights structure
#2245 TeamPass 2FA QR Code won't show after providing activiation code
#2244 html entities get interpreted inside passwords

Newly introduced since 2.1.27.12

Added new option permitting to enable secure image preview
Added warning to user if login attempts identified since last successful connection
Added Yubico support for 2FA authentication
Added restriction access to Custom Fields
Added textarea format for custom field
Improved the possibility to move files folder outside of Teampass Domain
Improved user creation with LDAP and Google and DUO 2FA
Improved log in case of failed authentication - used login is shown
Improved syslog message format
Updated library PHPMailer to 5.5
#2223 Error while using php v5.6
#2206 New ldap user and ad password change
#2204 Password copy - cryptic log entry using syslog
#2202 Search functionality - no log entry upon display
#2201 Search functionality - password shown in plaintext
#2198 Hang when changing second folder password strength and required password strength
#2196 API create item fails when Base64 encoding contains "/"
#2192 Encrypted Files Are Stored (Temporary) in Plaintext And Can Be Downloaded Without Authorization
#2191 Bad redirection to login form on password recovery process
#2189 (Google) 2FA Does Not Work With LDAP (Windows / Active Directory)

Newly introduced since 2.1.27.11

Changed licensing to GNU GPL-3.0
New - User must provide a reason to access a restricted item
New - Add option to have local and remote accounts when LDAP is enabled
Improved security of password generator with php7
Improved cannot edit user without email
Improved read-only user limitation to copy folder and import action
Improved tree rebuild with API on folders change
Improved tables primary and index usage
Improved LDAP new user by default role
Improved visibility of path in items list result
Improved email body with item path
Introduced an API key by user
Fix for API keys truncated
Fix offline password dispay in case of html tags similar in password
Fix failed folder creation in case of password complexity not reached
Fix missing quick icons in search results
#2175 Apostrophes are not handled correctly in usernames
#2174 Offline mode file bypass read right restrictions
#2172 2FA Reset Link Can Be Abused
#2168 API for adding users is not working
#2167 Info tab is not working if behind a proxy
#2161 Missing backslash in acount name
#2160 Added a test for preventing Folders list not shown
#2154 Personal saltkey is not stored when option enabled
#2153 [{"error":"no_key_provided"} when running backup script on teampass container
#2152 No search result and empty popup appear
#2151 Error in knowledge base that does not show option to swap pages
#2140 Moving subfolder to root level not possible
#2127 Grant access with simple folder copy
#2118 Empty user at Keepass file is not empty after import
#2116 Insufficient password strength when creating Offline Mode
#2115 Fix script backup issue with encryption key
#2111 Add support for login through http header
#2109 restrict login to Group Ldap don't work
#2102 Changed field renewal_period size
#2096 Offline mode decryption fails if too much items exported
#2095 Can't upload files on items - Plupload update
#2094 PHP 7.2: Call to undefined function mcrypt_encrypt()
#2093 role human resources doesn't access expect...

Read more

Release 2.1.27.32

10 Jan 09:28
Compare
Choose a tag to compare

Refer to changelog file to know main changes in Release 2.1.27.

New during upgrade

When upgrading, you need to indicate a valid administrator name/password, and you will also need to copy the saltkey into a password filed. It will be saved inside your database.
No database data are shown anymore. If the database information are changing, you need to update the file /includes/config/settings.php before starting upgrade.
IMPORTANT NOTE for users that have migrated to 2.1.27.0 and that have file encryption option enabled

Files encryption process have completely being reworked. Before upgrading, please do the next:

  • open upload folder
  • copy existing files in a temporary folder
  • restore the files from a backup of a previous version (for example 2.1.26)
  • start upgrade

Newly introduced since 2.1.27.32

#2513 Error for login with DUOSecurity

Newly introduced since 2.1.27.31

#2511 LDAP Password change: old PW still valid
#2507 On user password change (from Users management page), email is not sent
#2499 Weird folders on first login with LDAP user
#2494 Upgrade error on config key 'bck_script_key' with single quote character
#2295 no edit possible if an folder added in the Allowed Folders

Newly introduced since 2.1.27.30

#2486 Editing roles on users wipes dissimilar roles
#2458 Items folder automatically changes to the personal one
#2472 Nginx webroot is incorrect in Docker image. Fixed by merging #2477

Newly introduced since 2.1.27.29

#2467, #2465 Cant login with normal user with hacking attempt message

Newly introduced since 2.1.27.28

#2461 Install procedure failing
#2457 Endless DB upgrade loop when upgrading

Newly introduced since 2.1.27.27

#2456 Postpone treatment to get user location (ipapi.co usage)
#2431 Correct item creation/edit tab label

Newly introduced since 2.1.27.26

#2453 account creation... password sent in email is "undefined"
#2455 Unable to login after upgrade from 2.1.27.23 => 2.1.27.25

Newly introduced since 2.1.27.25

#2454 Update from 2.1.27.23 to 2.1.27.24 doesn't work

Newly introduced since 2.1.27.24

#2452 Fix API URL
#2438 Add new user fails due to missing default for not null fields
#2436 Undefined variable: user_id in api/functions.php
#2432 Empty item URL automatically fills with 'https://'
#2426 New option to force admin user to get connect using 2 factor code
#2416 Backslash in user's password
#2401 New LDAP account has full access when they log in for the first time

/!\This new version fixes a very old design choice regarding the encoding of user names. It may impacts your users in some specific cases. The fix consists in authenticating twice.

Newly introduced since 2.1.27.23

#2419 Cannot show password by using item menu bars entry
#2418 Generatinga new password for a user fails with error
#2403 Cannot Login using LDAP user

Newly introduced since 2.1.27.22

#2408 Password complexity not enforced
#2326 link copy doesn't work corectly

Newly introduced since 2.1.27.21

#2398 User unable to change their own password from profile window
#2395 php warning in logs
#2376 fix link in readme

Newly introduced since 2.1.27.20

#2394 knowledge base page characters appear with "?"
#2393 After Deleting User, KB Is Blank
#2380 Increase fields size to prevent errors
#2372 Upload a file with dash in file name wil be renamed with underscore
Fix: loading folder information is wrong when using 'max'
Fix: error message item already exits culd appear on item edition
Security fix - Sanitized GET values in case of user password recovery (credit for Adam Roberts from http://www.nccgroup.trust/)

Newly introduced since 2.1.27.19

#2379 Setting "Number of items to retrieve per query" to Max

Newly introduced since 2.1.27.18

#2378 Personal sub-subfolders do not appear
#2373 Internal Server Error 500 Profile Window

Newly introduced since 2.1.27.17

#2367 Incorrect import into personal folder
#2364 Using another protocol than HTTP for the URL is not possible
#2362 Removed excess item id from API url add/item
#2360 Show logs without any auth
#2355 Return the parent folder ids on API call read/userfolders
#2353 Generate Password not working - wrong POST field
#2349 Folder with flag "allow empty password" says "Insufficient password strenght" on item edition
#2347 Disable "Forgot Password?" link feature not working
#2346 [CSV-Import] convert field to string bevore using replace()
#2345 restore, enter decrypt key then system logs out
#2341 API - Incorrect update item parameters decoding
#2334 error adding entry with the same name then another entry in a different folder
#2314 SQL error in API near user name
#2312 API Issue adding folder on root
#2290 Protection of OTV page errors
#2298 support for login through http header
#2265 API - Add item - comma separated base64 encoded string
Fix - in bug report, the email password is visible
Fix - 'Hide inaccessible password folder' doesn't work in all cases
Security fix - DUO codes are sanitized (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Through URL some operations were possible with no user rights check (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Backup key is generated by default (credit for Adam Roberts from http://www.nccgroup.trust/)

Newly introduced since 2.1.27.16

New - Added folders filter in Manage Roles page
New - Added folders alphabet filter in Manage Folders page
#2279 Google Authentication no link
#2277 Import fails when Login: / Account: has a backslash inside of it
#2274 Import from csv-list includes items that are marked as already imported
#2263 New upload settings to permit empty files and/or any extensions to be uploaded

Newly introduced since 2.1.27.15

#2266 Google 2FA mail for temporary code is blank

Newly introduced since 2.1.27.14

Fix for missing install/upgrade instructions

Newly introduced since 2.1.27.13

New - Templating system based upon Custom Fields
#2256 User can select his 2FA methods if several selected
#2253 Google Authenticator not working
#2248 Item suggestion is not available from Regular User
#2246 Copy folder does not copy rights structure
#2245 TeamPass 2FA QR Code won't show after providing activiation code
#2244 html entities get interpreted inside passwords

Newly introduced since 2.1.27.12

Added new option permitting to enable secure image preview
Added warning to user if login attempts identified since last successful connection
Added Yubico support for 2FA authentication
Added restriction access to Custom Fields
Added textarea format for custom field
Improved the possibility to move files folder outside of Teampass Domain
Improved user creation with LDAP and Google and DUO 2FA
Improved log in case of failed authentication - used login is shown
Improved syslog message format
Updated library PHPMailer to 5.5
#2223 Error while using php v5.6
#2206 New ldap user and ad password change
#2204 Password copy - cryptic log entry using syslog
#2202 Search functionality - no log entry upon display
#2201 Search functionality - password shown in plaintext
#2198 Hang when changing second folder password strength and required password strength
#2196 API create item fails when Base64 encoding contains "/"
#2192 Encrypted Files Are Stored (Temporary) in Plaintext And Can Be Downloaded Without Authorization
#2191 Bad redirection to login form on password recovery process
#2189 (Google) 2FA Does Not Work With LDAP (Windows / Active Directory)

Newly introduced since 2.1.27.11

Changed licensing to GNU GPL-3.0
New - User must provide a reason to access a restricted item
New - Add option to have local and remote accounts when LDAP is enabled
Improved security of password generator with php7
Improved cannot edit user without email
Improved read-only user limitation to copy folder and import action
Improved tree rebuild with API on folders change
Improved tables primary and index usage
Improved LDAP new user by default role
Improved visibility of path in items list result
Improved email body with item path
Introduced an API key by user
Fix for API keys truncated
Fix offline password dispay in case of html tags similar in password
Fix failed folder creation in case of password complexity not reached
Fix missing quick icons in search results
#2175 Apostrophes are not handled correctly in usernames
#2174 Offline mode file bypass read right restrictions
#2172 2FA Reset Link Can Be Abused
#2168 API for adding users is not working
#2167 Info tab is not working if behind a proxy
#2161 Missing backslash in acount name
#2160 Added a test for preventing Folders list not shown
#2154 Personal saltkey is not stored when option enabled
#2153 [{"error":"no_key_provided"} when running backup script on teampass container
#2152 No search result and empty popup appear
#2151 Error in knowledge base that does not show option to swap pages
#2140 Moving subfolder to root level not possible
#2127 Grant access with simple folder copy
#2118 Empty user at Keepass file is not empty after import
#2116 Insufficient password strength when creating Offline Mode
#2115 Fix script backup issue with encryption key
#2111 Add support for login through http header
#2109 restrict login to Group Ldap don't work
#2102 Changed field renewal_period size
#2096 Offline mode decryption fails if too much items exported
#2095 Can't upload files on items - Plupload update
#2094 PHP 7.2: Call to undefined function mcrypt_encrypt()
#2093 role human resources doesn't access expected pages
#2090 On folder copy, an empty message box is shown
#2087 Custom fields displayed if empty
#2085 CSV import error if URL too long
#2082 API: new fo...

Read more