Releases: nilsteampassnet/TeamPass
Release 2.1.27.35
Refer to changelog file to know main changes in Release 2.1.27.
New during upgrade
When upgrading, you need to indicate a valid administrator name/password, and you will also need to copy the saltkey into a password filed. It will be saved inside your database.
No database data are shown anymore. If the database information are changing, you need to update the file /includes/config/settings.php before starting upgrade.
IMPORTANT NOTE for users that have migrated to 2.1.27.0 and that have file encryption option enabled
Files encryption process have completely being reworked. Before upgrading, please do the next:
- open upload folder
- copy existing files in a temporary folder
- restore the files from a backup of a previous version (for example 2.1.26)
- start upgrade
Newly introduced since 2.1.27.35
#2564 Permissions problem
#2563 Unable to add item via API
#2560 Fix an issue for one time password changes if current user is not root
#2536 low 40bit RC4 - pdf export?
#2505 Update readme.md
#2503 Update Dockerfile to use $uri and $args variables
#2439 Allow RFC2307bis group membership checks.
Newly introduced since 2.1.27.34
#2549 Missing library
#2534 Syntax error in share permissions
Newly introduced since 2.1.27.33
#2458 Items folder automatically changes to the personal one
#2156 #2183 Issue with cyrillic in exported files (PDF, CSV)
Newly introduced since 2.1.27.32
#2513 Error for login with DUOSecurity
Newly introduced since 2.1.27.31
#2511 LDAP Password change: old PW still valid
#2507 On user password change (from Users management page), email is not sent
#2499 Weird folders on first login with LDAP user
#2494 Upgrade error on config key 'bck_script_key' with single quote character
#2295 no edit possible if an folder added in the Allowed Folders
Newly introduced since 2.1.27.30
#2486 Editing roles on users wipes dissimilar roles
#2458 Items folder automatically changes to the personal one
#2472 Nginx webroot is incorrect in Docker image. Fixed by merging #2477
Newly introduced since 2.1.27.29
#2467, #2465 Cant login with normal user with hacking attempt message
Newly introduced since 2.1.27.28
#2461 Install procedure failing
#2457 Endless DB upgrade loop when upgrading
Newly introduced since 2.1.27.27
#2456 Postpone treatment to get user location (ipapi.co usage)
#2431 Correct item creation/edit tab label
Newly introduced since 2.1.27.26
#2453 account creation... password sent in email is "undefined"
#2455 Unable to login after upgrade from 2.1.27.23 => 2.1.27.25
Newly introduced since 2.1.27.25
#2454 Update from 2.1.27.23 to 2.1.27.24 doesn't work
Newly introduced since 2.1.27.24
#2452 Fix API URL
#2438 Add new user fails due to missing default for not null fields
#2436 Undefined variable: user_id in api/functions.php
#2432 Empty item URL automatically fills with 'https://'
#2426 New option to force admin user to get connect using 2 factor code
#2416 Backslash in user's password
#2401 New LDAP account has full access when they log in for the first time
/!\This new version fixes a very old design choice regarding the encoding of user names. It may impacts your users in some specific cases. The fix consists in authenticating twice.
Newly introduced since 2.1.27.23
#2419 Cannot show password by using item menu bars entry
#2418 Generatinga new password for a user fails with error
#2403 Cannot Login using LDAP user
Newly introduced since 2.1.27.22
#2408 Password complexity not enforced
#2326 link copy doesn't work corectly
Newly introduced since 2.1.27.21
#2398 User unable to change their own password from profile window
#2395 php warning in logs
#2376 fix link in readme
Newly introduced since 2.1.27.20
#2394 knowledge base page characters appear with "?"
#2393 After Deleting User, KB Is Blank
#2380 Increase fields size to prevent errors
#2372 Upload a file with dash in file name wil be renamed with underscore
Fix: loading folder information is wrong when using 'max'
Fix: error message item already exits culd appear on item edition
Security fix - Sanitized GET values in case of user password recovery (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.19
#2379 Setting "Number of items to retrieve per query" to Max
Newly introduced since 2.1.27.18
#2378 Personal sub-subfolders do not appear
#2373 Internal Server Error 500 Profile Window
Newly introduced since 2.1.27.17
#2367 Incorrect import into personal folder
#2364 Using another protocol than HTTP for the URL is not possible
#2362 Removed excess item id from API url add/item
#2360 Show logs without any auth
#2355 Return the parent folder ids on API call read/userfolders
#2353 Generate Password not working - wrong POST field
#2349 Folder with flag "allow empty password" says "Insufficient password strenght" on item edition
#2347 Disable "Forgot Password?" link feature not working
#2346 [CSV-Import] convert field to string bevore using replace()
#2345 restore, enter decrypt key then system logs out
#2341 API - Incorrect update item parameters decoding
#2334 error adding entry with the same name then another entry in a different folder
#2314 SQL error in API near user name
#2312 API Issue adding folder on root
#2290 Protection of OTV page errors
#2298 support for login through http header
#2265 API - Add item - comma separated base64 encoded string
Fix - in bug report, the email password is visible
Fix - 'Hide inaccessible password folder' doesn't work in all cases
Security fix - DUO codes are sanitized (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Through URL some operations were possible with no user rights check (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Backup key is generated by default (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.16
New - Added folders filter in Manage Roles page
New - Added folders alphabet filter in Manage Folders page
#2279 Google Authentication no link
#2277 Import fails when Login: / Account: has a backslash inside of it
#2274 Import from csv-list includes items that are marked as already imported
#2263 New upload settings to permit empty files and/or any extensions to be uploaded
Newly introduced since 2.1.27.15
#2266 Google 2FA mail for temporary code is blank
Newly introduced since 2.1.27.14
Fix for missing install/upgrade instructions
Newly introduced since 2.1.27.13
New - Templating system based upon Custom Fields
#2256 User can select his 2FA methods if several selected
#2253 Google Authenticator not working
#2248 Item suggestion is not available from Regular User
#2246 Copy folder does not copy rights structure
#2245 TeamPass 2FA QR Code won't show after providing activiation code
#2244 html entities get interpreted inside passwords
Newly introduced since 2.1.27.12
Added new option permitting to enable secure image preview
Added warning to user if login attempts identified since last successful connection
Added Yubico support for 2FA authentication
Added restriction access to Custom Fields
Added textarea format for custom field
Improved the possibility to move files folder outside of Teampass Domain
Improved user creation with LDAP and Google and DUO 2FA
Improved log in case of failed authentication - used login is shown
Improved syslog message format
Updated library PHPMailer to 5.5
#2223 Error while using php v5.6
#2206 New ldap user and ad password change
#2204 Password copy - cryptic log entry using syslog
#2202 Search functionality - no log entry upon display
#2201 Search functionality - password shown in plaintext
#2198 Hang when changing second folder password strength and required password strength
#2196 API create item fails when Base64 encoding contains "/"
#2192 Encrypted Files Are Stored (Temporary) in Plaintext And Can Be Downloaded Without Authorization
#2191 Bad redirection to login form on password recovery process
#2189 (Google) 2FA Does Not Work With LDAP (Windows / Active Directory)
Newly introduced since 2.1.27.11
Changed licensing to GNU GPL-3.0
New - User must provide a reason to access a restricted item
New - Add option to have local and remote accounts when LDAP is enabled
Improved security of password generator with php7
Improved cannot edit user without email
Improved read-only user limitation to copy folder and import action
Improved tree rebuild with API on folders change
Improved tables primary and index usage
Improved LDAP new user by default role
Improved visibility of path in items list result
Improved email body with item path
Introduced an API key by user
Fix for API keys truncated
Fix offline password dispay in case of html tags similar in password
Fix failed folder creation in case of password complexity not reached
Fix missing quick icons in search results
#2175 Apostrophes are not handled correctly in usernames
#2174 Offline mode file bypass read right restrictions
#2172 2FA Reset Link Can Be Abused
#2168 API for adding users is not working
#2167 Info tab is not working if behind a proxy
#2161 Missing backslash in acount name
#2160 Added a test for preventing Folders list not shown
#2154 Personal saltkey is not stored when option enabled
#2153 [{"error":"no_key_provided"} when running backup script on teampass container
#2152 No search result and empty popup appear
#2151 Error in knowledge base that does not show option to swap pages
#2140 Moving subfolder to root level not possible
#2127 Grant access with simple folder copy
#2118 Empty user at Keepass file is not empty after import
#2116 Insufficient password stren...
Release 2.1.27.34
Refer to changelog file to know main changes in Release 2.1.27.
New during upgrade
When upgrading, you need to indicate a valid administrator name/password, and you will also need to copy the saltkey into a password filed. It will be saved inside your database.
No database data are shown anymore. If the database information are changing, you need to update the file /includes/config/settings.php before starting upgrade.
IMPORTANT NOTE for users that have migrated to 2.1.27.0 and that have file encryption option enabled
Files encryption process have completely being reworked. Before upgrading, please do the next:
- open upload folder
- copy existing files in a temporary folder
- restore the files from a backup of a previous version (for example 2.1.26)
- start upgrade
Newly introduced since 2.1.27.34
#2549 Missing library
#2534 Syntax error in share permissions
Newly introduced since 2.1.27.33
#2458 Items folder automatically changes to the personal one
#2156 #2183 Issue with cyrillic in exported files (PDF, CSV)
Newly introduced since 2.1.27.32
#2513 Error for login with DUOSecurity
Newly introduced since 2.1.27.31
#2511 LDAP Password change: old PW still valid
#2507 On user password change (from Users management page), email is not sent
#2499 Weird folders on first login with LDAP user
#2494 Upgrade error on config key 'bck_script_key' with single quote character
#2295 no edit possible if an folder added in the Allowed Folders
Newly introduced since 2.1.27.30
#2486 Editing roles on users wipes dissimilar roles
#2458 Items folder automatically changes to the personal one
#2472 Nginx webroot is incorrect in Docker image. Fixed by merging #2477
Newly introduced since 2.1.27.29
#2467, #2465 Cant login with normal user with hacking attempt message
Newly introduced since 2.1.27.28
#2461 Install procedure failing
#2457 Endless DB upgrade loop when upgrading
Newly introduced since 2.1.27.27
#2456 Postpone treatment to get user location (ipapi.co usage)
#2431 Correct item creation/edit tab label
Newly introduced since 2.1.27.26
#2453 account creation... password sent in email is "undefined"
#2455 Unable to login after upgrade from 2.1.27.23 => 2.1.27.25
Newly introduced since 2.1.27.25
#2454 Update from 2.1.27.23 to 2.1.27.24 doesn't work
Newly introduced since 2.1.27.24
#2452 Fix API URL
#2438 Add new user fails due to missing default for not null fields
#2436 Undefined variable: user_id in api/functions.php
#2432 Empty item URL automatically fills with 'https://'
#2426 New option to force admin user to get connect using 2 factor code
#2416 Backslash in user's password
#2401 New LDAP account has full access when they log in for the first time
/!\This new version fixes a very old design choice regarding the encoding of user names. It may impacts your users in some specific cases. The fix consists in authenticating twice.
Newly introduced since 2.1.27.23
#2419 Cannot show password by using item menu bars entry
#2418 Generatinga new password for a user fails with error
#2403 Cannot Login using LDAP user
Newly introduced since 2.1.27.22
#2408 Password complexity not enforced
#2326 link copy doesn't work corectly
Newly introduced since 2.1.27.21
#2398 User unable to change their own password from profile window
#2395 php warning in logs
#2376 fix link in readme
Newly introduced since 2.1.27.20
#2394 knowledge base page characters appear with "?"
#2393 After Deleting User, KB Is Blank
#2380 Increase fields size to prevent errors
#2372 Upload a file with dash in file name wil be renamed with underscore
Fix: loading folder information is wrong when using 'max'
Fix: error message item already exits culd appear on item edition
Security fix - Sanitized GET values in case of user password recovery (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.19
#2379 Setting "Number of items to retrieve per query" to Max
Newly introduced since 2.1.27.18
#2378 Personal sub-subfolders do not appear
#2373 Internal Server Error 500 Profile Window
Newly introduced since 2.1.27.17
#2367 Incorrect import into personal folder
#2364 Using another protocol than HTTP for the URL is not possible
#2362 Removed excess item id from API url add/item
#2360 Show logs without any auth
#2355 Return the parent folder ids on API call read/userfolders
#2353 Generate Password not working - wrong POST field
#2349 Folder with flag "allow empty password" says "Insufficient password strenght" on item edition
#2347 Disable "Forgot Password?" link feature not working
#2346 [CSV-Import] convert field to string bevore using replace()
#2345 restore, enter decrypt key then system logs out
#2341 API - Incorrect update item parameters decoding
#2334 error adding entry with the same name then another entry in a different folder
#2314 SQL error in API near user name
#2312 API Issue adding folder on root
#2290 Protection of OTV page errors
#2298 support for login through http header
#2265 API - Add item - comma separated base64 encoded string
Fix - in bug report, the email password is visible
Fix - 'Hide inaccessible password folder' doesn't work in all cases
Security fix - DUO codes are sanitized (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Through URL some operations were possible with no user rights check (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Backup key is generated by default (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.16
New - Added folders filter in Manage Roles page
New - Added folders alphabet filter in Manage Folders page
#2279 Google Authentication no link
#2277 Import fails when Login: / Account: has a backslash inside of it
#2274 Import from csv-list includes items that are marked as already imported
#2263 New upload settings to permit empty files and/or any extensions to be uploaded
Newly introduced since 2.1.27.15
#2266 Google 2FA mail for temporary code is blank
Newly introduced since 2.1.27.14
Fix for missing install/upgrade instructions
Newly introduced since 2.1.27.13
New - Templating system based upon Custom Fields
#2256 User can select his 2FA methods if several selected
#2253 Google Authenticator not working
#2248 Item suggestion is not available from Regular User
#2246 Copy folder does not copy rights structure
#2245 TeamPass 2FA QR Code won't show after providing activiation code
#2244 html entities get interpreted inside passwords
Newly introduced since 2.1.27.12
Added new option permitting to enable secure image preview
Added warning to user if login attempts identified since last successful connection
Added Yubico support for 2FA authentication
Added restriction access to Custom Fields
Added textarea format for custom field
Improved the possibility to move files folder outside of Teampass Domain
Improved user creation with LDAP and Google and DUO 2FA
Improved log in case of failed authentication - used login is shown
Improved syslog message format
Updated library PHPMailer to 5.5
#2223 Error while using php v5.6
#2206 New ldap user and ad password change
#2204 Password copy - cryptic log entry using syslog
#2202 Search functionality - no log entry upon display
#2201 Search functionality - password shown in plaintext
#2198 Hang when changing second folder password strength and required password strength
#2196 API create item fails when Base64 encoding contains "/"
#2192 Encrypted Files Are Stored (Temporary) in Plaintext And Can Be Downloaded Without Authorization
#2191 Bad redirection to login form on password recovery process
#2189 (Google) 2FA Does Not Work With LDAP (Windows / Active Directory)
Newly introduced since 2.1.27.11
Changed licensing to GNU GPL-3.0
New - User must provide a reason to access a restricted item
New - Add option to have local and remote accounts when LDAP is enabled
Improved security of password generator with php7
Improved cannot edit user without email
Improved read-only user limitation to copy folder and import action
Improved tree rebuild with API on folders change
Improved tables primary and index usage
Improved LDAP new user by default role
Improved visibility of path in items list result
Improved email body with item path
Introduced an API key by user
Fix for API keys truncated
Fix offline password dispay in case of html tags similar in password
Fix failed folder creation in case of password complexity not reached
Fix missing quick icons in search results
#2175 Apostrophes are not handled correctly in usernames
#2174 Offline mode file bypass read right restrictions
#2172 2FA Reset Link Can Be Abused
#2168 API for adding users is not working
#2167 Info tab is not working if behind a proxy
#2161 Missing backslash in acount name
#2160 Added a test for preventing Folders list not shown
#2154 Personal saltkey is not stored when option enabled
#2153 [{"error":"no_key_provided"} when running backup script on teampass container
#2152 No search result and empty popup appear
#2151 Error in knowledge base that does not show option to swap pages
#2140 Moving subfolder to root level not possible
#2127 Grant access with simple folder copy
#2118 Empty user at Keepass file is not empty after import
#2116 Insufficient password strength when creating Offline Mode
#2115 Fix script backup issue with encryption key
#2111 Add support for login through http header
#2109 restrict login to Group Ldap don't work
#2102 Changed field renewal_period size
#2096 Offline mode decryption fails if too much items exported
#2095 Can't upload files on items - Plupload update
#2094...
Release 2.1.27.33
Refer to changelog file to know main changes in Release 2.1.27.
New during upgrade
When upgrading, you need to indicate a valid administrator name/password, and you will also need to copy the saltkey into a password filed. It will be saved inside your database.
No database data are shown anymore. If the database information are changing, you need to update the file /includes/config/settings.php before starting upgrade.
IMPORTANT NOTE for users that have migrated to 2.1.27.0 and that have file encryption option enabled
Files encryption process have completely being reworked. Before upgrading, please do the next:
- open upload folder
- copy existing files in a temporary folder
- restore the files from a backup of a previous version (for example 2.1.26)
- start upgrade
Newly introduced since 2.1.27.33
#2458 Items folder automatically changes to the personal one
#2156 #2183 Issue with cyrillic in exported files (PDF, CSV)
Newly introduced since 2.1.27.32
#2513 Error for login with DUOSecurity
Newly introduced since 2.1.27.31
#2511 LDAP Password change: old PW still valid
#2507 On user password change (from Users management page), email is not sent
#2499 Weird folders on first login with LDAP user
#2494 Upgrade error on config key 'bck_script_key' with single quote character
#2295 no edit possible if an folder added in the Allowed Folders
Newly introduced since 2.1.27.30
#2486 Editing roles on users wipes dissimilar roles
#2458 Items folder automatically changes to the personal one
#2472 Nginx webroot is incorrect in Docker image. Fixed by merging #2477
Newly introduced since 2.1.27.29
#2467, #2465 Cant login with normal user with hacking attempt message
Newly introduced since 2.1.27.28
#2461 Install procedure failing
#2457 Endless DB upgrade loop when upgrading
Newly introduced since 2.1.27.27
#2456 Postpone treatment to get user location (ipapi.co usage)
#2431 Correct item creation/edit tab label
Newly introduced since 2.1.27.26
#2453 account creation... password sent in email is "undefined"
#2455 Unable to login after upgrade from 2.1.27.23 => 2.1.27.25
Newly introduced since 2.1.27.25
#2454 Update from 2.1.27.23 to 2.1.27.24 doesn't work
Newly introduced since 2.1.27.24
#2452 Fix API URL
#2438 Add new user fails due to missing default for not null fields
#2436 Undefined variable: user_id in api/functions.php
#2432 Empty item URL automatically fills with 'https://'
#2426 New option to force admin user to get connect using 2 factor code
#2416 Backslash in user's password
#2401 New LDAP account has full access when they log in for the first time
/!\This new version fixes a very old design choice regarding the encoding of user names. It may impacts your users in some specific cases. The fix consists in authenticating twice.
Newly introduced since 2.1.27.23
#2419 Cannot show password by using item menu bars entry
#2418 Generatinga new password for a user fails with error
#2403 Cannot Login using LDAP user
Newly introduced since 2.1.27.22
#2408 Password complexity not enforced
#2326 link copy doesn't work corectly
Newly introduced since 2.1.27.21
#2398 User unable to change their own password from profile window
#2395 php warning in logs
#2376 fix link in readme
Newly introduced since 2.1.27.20
#2394 knowledge base page characters appear with "?"
#2393 After Deleting User, KB Is Blank
#2380 Increase fields size to prevent errors
#2372 Upload a file with dash in file name wil be renamed with underscore
Fix: loading folder information is wrong when using 'max'
Fix: error message item already exits culd appear on item edition
Security fix - Sanitized GET values in case of user password recovery (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.19
#2379 Setting "Number of items to retrieve per query" to Max
Newly introduced since 2.1.27.18
#2378 Personal sub-subfolders do not appear
#2373 Internal Server Error 500 Profile Window
Newly introduced since 2.1.27.17
#2367 Incorrect import into personal folder
#2364 Using another protocol than HTTP for the URL is not possible
#2362 Removed excess item id from API url add/item
#2360 Show logs without any auth
#2355 Return the parent folder ids on API call read/userfolders
#2353 Generate Password not working - wrong POST field
#2349 Folder with flag "allow empty password" says "Insufficient password strenght" on item edition
#2347 Disable "Forgot Password?" link feature not working
#2346 [CSV-Import] convert field to string bevore using replace()
#2345 restore, enter decrypt key then system logs out
#2341 API - Incorrect update item parameters decoding
#2334 error adding entry with the same name then another entry in a different folder
#2314 SQL error in API near user name
#2312 API Issue adding folder on root
#2290 Protection of OTV page errors
#2298 support for login through http header
#2265 API - Add item - comma separated base64 encoded string
Fix - in bug report, the email password is visible
Fix - 'Hide inaccessible password folder' doesn't work in all cases
Security fix - DUO codes are sanitized (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Through URL some operations were possible with no user rights check (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Backup key is generated by default (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.16
New - Added folders filter in Manage Roles page
New - Added folders alphabet filter in Manage Folders page
#2279 Google Authentication no link
#2277 Import fails when Login: / Account: has a backslash inside of it
#2274 Import from csv-list includes items that are marked as already imported
#2263 New upload settings to permit empty files and/or any extensions to be uploaded
Newly introduced since 2.1.27.15
#2266 Google 2FA mail for temporary code is blank
Newly introduced since 2.1.27.14
Fix for missing install/upgrade instructions
Newly introduced since 2.1.27.13
New - Templating system based upon Custom Fields
#2256 User can select his 2FA methods if several selected
#2253 Google Authenticator not working
#2248 Item suggestion is not available from Regular User
#2246 Copy folder does not copy rights structure
#2245 TeamPass 2FA QR Code won't show after providing activiation code
#2244 html entities get interpreted inside passwords
Newly introduced since 2.1.27.12
Added new option permitting to enable secure image preview
Added warning to user if login attempts identified since last successful connection
Added Yubico support for 2FA authentication
Added restriction access to Custom Fields
Added textarea format for custom field
Improved the possibility to move files folder outside of Teampass Domain
Improved user creation with LDAP and Google and DUO 2FA
Improved log in case of failed authentication - used login is shown
Improved syslog message format
Updated library PHPMailer to 5.5
#2223 Error while using php v5.6
#2206 New ldap user and ad password change
#2204 Password copy - cryptic log entry using syslog
#2202 Search functionality - no log entry upon display
#2201 Search functionality - password shown in plaintext
#2198 Hang when changing second folder password strength and required password strength
#2196 API create item fails when Base64 encoding contains "/"
#2192 Encrypted Files Are Stored (Temporary) in Plaintext And Can Be Downloaded Without Authorization
#2191 Bad redirection to login form on password recovery process
#2189 (Google) 2FA Does Not Work With LDAP (Windows / Active Directory)
Newly introduced since 2.1.27.11
Changed licensing to GNU GPL-3.0
New - User must provide a reason to access a restricted item
New - Add option to have local and remote accounts when LDAP is enabled
Improved security of password generator with php7
Improved cannot edit user without email
Improved read-only user limitation to copy folder and import action
Improved tree rebuild with API on folders change
Improved tables primary and index usage
Improved LDAP new user by default role
Improved visibility of path in items list result
Improved email body with item path
Introduced an API key by user
Fix for API keys truncated
Fix offline password dispay in case of html tags similar in password
Fix failed folder creation in case of password complexity not reached
Fix missing quick icons in search results
#2175 Apostrophes are not handled correctly in usernames
#2174 Offline mode file bypass read right restrictions
#2172 2FA Reset Link Can Be Abused
#2168 API for adding users is not working
#2167 Info tab is not working if behind a proxy
#2161 Missing backslash in acount name
#2160 Added a test for preventing Folders list not shown
#2154 Personal saltkey is not stored when option enabled
#2153 [{"error":"no_key_provided"} when running backup script on teampass container
#2152 No search result and empty popup appear
#2151 Error in knowledge base that does not show option to swap pages
#2140 Moving subfolder to root level not possible
#2127 Grant access with simple folder copy
#2118 Empty user at Keepass file is not empty after import
#2116 Insufficient password strength when creating Offline Mode
#2115 Fix script backup issue with encryption key
#2111 Add support for login through http header
#2109 restrict login to Group Ldap don't work
#2102 Changed field renewal_period size
#2096 Offline mode decryption fails if too much items exported
#2095 Can't upload files on items - Plupload update
#2094 PHP 7.2: Call to undefined function mcrypt_encrypt()
#2093 role human resources doesn't access expect...
Release 2.1.27.32
Refer to changelog file to know main changes in Release 2.1.27.
New during upgrade
When upgrading, you need to indicate a valid administrator name/password, and you will also need to copy the saltkey into a password filed. It will be saved inside your database.
No database data are shown anymore. If the database information are changing, you need to update the file /includes/config/settings.php before starting upgrade.
IMPORTANT NOTE for users that have migrated to 2.1.27.0 and that have file encryption option enabled
Files encryption process have completely being reworked. Before upgrading, please do the next:
- open upload folder
- copy existing files in a temporary folder
- restore the files from a backup of a previous version (for example 2.1.26)
- start upgrade
Newly introduced since 2.1.27.32
#2513 Error for login with DUOSecurity
Newly introduced since 2.1.27.31
#2511 LDAP Password change: old PW still valid
#2507 On user password change (from Users management page), email is not sent
#2499 Weird folders on first login with LDAP user
#2494 Upgrade error on config key 'bck_script_key' with single quote character
#2295 no edit possible if an folder added in the Allowed Folders
Newly introduced since 2.1.27.30
#2486 Editing roles on users wipes dissimilar roles
#2458 Items folder automatically changes to the personal one
#2472 Nginx webroot is incorrect in Docker image. Fixed by merging #2477
Newly introduced since 2.1.27.29
#2467, #2465 Cant login with normal user with hacking attempt message
Newly introduced since 2.1.27.28
#2461 Install procedure failing
#2457 Endless DB upgrade loop when upgrading
Newly introduced since 2.1.27.27
#2456 Postpone treatment to get user location (ipapi.co usage)
#2431 Correct item creation/edit tab label
Newly introduced since 2.1.27.26
#2453 account creation... password sent in email is "undefined"
#2455 Unable to login after upgrade from 2.1.27.23 => 2.1.27.25
Newly introduced since 2.1.27.25
#2454 Update from 2.1.27.23 to 2.1.27.24 doesn't work
Newly introduced since 2.1.27.24
#2452 Fix API URL
#2438 Add new user fails due to missing default for not null fields
#2436 Undefined variable: user_id in api/functions.php
#2432 Empty item URL automatically fills with 'https://'
#2426 New option to force admin user to get connect using 2 factor code
#2416 Backslash in user's password
#2401 New LDAP account has full access when they log in for the first time
/!\This new version fixes a very old design choice regarding the encoding of user names. It may impacts your users in some specific cases. The fix consists in authenticating twice.
Newly introduced since 2.1.27.23
#2419 Cannot show password by using item menu bars entry
#2418 Generatinga new password for a user fails with error
#2403 Cannot Login using LDAP user
Newly introduced since 2.1.27.22
#2408 Password complexity not enforced
#2326 link copy doesn't work corectly
Newly introduced since 2.1.27.21
#2398 User unable to change their own password from profile window
#2395 php warning in logs
#2376 fix link in readme
Newly introduced since 2.1.27.20
#2394 knowledge base page characters appear with "?"
#2393 After Deleting User, KB Is Blank
#2380 Increase fields size to prevent errors
#2372 Upload a file with dash in file name wil be renamed with underscore
Fix: loading folder information is wrong when using 'max'
Fix: error message item already exits culd appear on item edition
Security fix - Sanitized GET values in case of user password recovery (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.19
#2379 Setting "Number of items to retrieve per query" to Max
Newly introduced since 2.1.27.18
#2378 Personal sub-subfolders do not appear
#2373 Internal Server Error 500 Profile Window
Newly introduced since 2.1.27.17
#2367 Incorrect import into personal folder
#2364 Using another protocol than HTTP for the URL is not possible
#2362 Removed excess item id from API url add/item
#2360 Show logs without any auth
#2355 Return the parent folder ids on API call read/userfolders
#2353 Generate Password not working - wrong POST field
#2349 Folder with flag "allow empty password" says "Insufficient password strenght" on item edition
#2347 Disable "Forgot Password?" link feature not working
#2346 [CSV-Import] convert field to string bevore using replace()
#2345 restore, enter decrypt key then system logs out
#2341 API - Incorrect update item parameters decoding
#2334 error adding entry with the same name then another entry in a different folder
#2314 SQL error in API near user name
#2312 API Issue adding folder on root
#2290 Protection of OTV page errors
#2298 support for login through http header
#2265 API - Add item - comma separated base64 encoded string
Fix - in bug report, the email password is visible
Fix - 'Hide inaccessible password folder' doesn't work in all cases
Security fix - DUO codes are sanitized (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Through URL some operations were possible with no user rights check (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Backup key is generated by default (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.16
New - Added folders filter in Manage Roles page
New - Added folders alphabet filter in Manage Folders page
#2279 Google Authentication no link
#2277 Import fails when Login: / Account: has a backslash inside of it
#2274 Import from csv-list includes items that are marked as already imported
#2263 New upload settings to permit empty files and/or any extensions to be uploaded
Newly introduced since 2.1.27.15
#2266 Google 2FA mail for temporary code is blank
Newly introduced since 2.1.27.14
Fix for missing install/upgrade instructions
Newly introduced since 2.1.27.13
New - Templating system based upon Custom Fields
#2256 User can select his 2FA methods if several selected
#2253 Google Authenticator not working
#2248 Item suggestion is not available from Regular User
#2246 Copy folder does not copy rights structure
#2245 TeamPass 2FA QR Code won't show after providing activiation code
#2244 html entities get interpreted inside passwords
Newly introduced since 2.1.27.12
Added new option permitting to enable secure image preview
Added warning to user if login attempts identified since last successful connection
Added Yubico support for 2FA authentication
Added restriction access to Custom Fields
Added textarea format for custom field
Improved the possibility to move files folder outside of Teampass Domain
Improved user creation with LDAP and Google and DUO 2FA
Improved log in case of failed authentication - used login is shown
Improved syslog message format
Updated library PHPMailer to 5.5
#2223 Error while using php v5.6
#2206 New ldap user and ad password change
#2204 Password copy - cryptic log entry using syslog
#2202 Search functionality - no log entry upon display
#2201 Search functionality - password shown in plaintext
#2198 Hang when changing second folder password strength and required password strength
#2196 API create item fails when Base64 encoding contains "/"
#2192 Encrypted Files Are Stored (Temporary) in Plaintext And Can Be Downloaded Without Authorization
#2191 Bad redirection to login form on password recovery process
#2189 (Google) 2FA Does Not Work With LDAP (Windows / Active Directory)
Newly introduced since 2.1.27.11
Changed licensing to GNU GPL-3.0
New - User must provide a reason to access a restricted item
New - Add option to have local and remote accounts when LDAP is enabled
Improved security of password generator with php7
Improved cannot edit user without email
Improved read-only user limitation to copy folder and import action
Improved tree rebuild with API on folders change
Improved tables primary and index usage
Improved LDAP new user by default role
Improved visibility of path in items list result
Improved email body with item path
Introduced an API key by user
Fix for API keys truncated
Fix offline password dispay in case of html tags similar in password
Fix failed folder creation in case of password complexity not reached
Fix missing quick icons in search results
#2175 Apostrophes are not handled correctly in usernames
#2174 Offline mode file bypass read right restrictions
#2172 2FA Reset Link Can Be Abused
#2168 API for adding users is not working
#2167 Info tab is not working if behind a proxy
#2161 Missing backslash in acount name
#2160 Added a test for preventing Folders list not shown
#2154 Personal saltkey is not stored when option enabled
#2153 [{"error":"no_key_provided"} when running backup script on teampass container
#2152 No search result and empty popup appear
#2151 Error in knowledge base that does not show option to swap pages
#2140 Moving subfolder to root level not possible
#2127 Grant access with simple folder copy
#2118 Empty user at Keepass file is not empty after import
#2116 Insufficient password strength when creating Offline Mode
#2115 Fix script backup issue with encryption key
#2111 Add support for login through http header
#2109 restrict login to Group Ldap don't work
#2102 Changed field renewal_period size
#2096 Offline mode decryption fails if too much items exported
#2095 Can't upload files on items - Plupload update
#2094 PHP 7.2: Call to undefined function mcrypt_encrypt()
#2093 role human resources doesn't access expected pages
#2090 On folder copy, an empty message box is shown
#2087 Custom fields displayed if empty
#2085 CSV import error if URL too long
#2082 API: new fo...
Release 2.1.27.31
Refer to changelog file to know main changes in Release 2.1.27.
New during upgrade
When upgrading, you need to indicate a valid administrator name/password, and you will also need to copy the saltkey into a password filed. It will be saved inside your database.
No database data are shown anymore. If the database information are changing, you need to update the file /includes/config/settings.php before starting upgrade.
IMPORTANT NOTE for users that have migrated to 2.1.27.0 and that have file encryption option enabled
Files encryption process have completely being reworked. Before upgrading, please do the next:
- open upload folder
- copy existing files in a temporary folder
- restore the files from a backup of a previous version (for example 2.1.26)
- start upgrade
Newly introduced since 2.1.27.31
#2511 LDAP Password change: old PW still valid
#2507 On user password change (from Users management page), email is not sent
#2499 Weird folders on first login with LDAP user
#2494 Upgrade error on config key 'bck_script_key' with single quote character
#2295 no edit possible if an folder added in the Allowed Folders
Newly introduced since 2.1.27.30
#2486 Editing roles on users wipes dissimilar roles
#2458 Items folder automatically changes to the personal one
#2472 Nginx webroot is incorrect in Docker image. Fixed by merging #2477
Newly introduced since 2.1.27.29
#2467, #2465 Cant login with normal user with hacking attempt message
Newly introduced since 2.1.27.28
#2461 Install procedure failing
#2457 Endless DB upgrade loop when upgrading
Newly introduced since 2.1.27.27
#2456 Postpone treatment to get user location (ipapi.co usage)
#2431 Correct item creation/edit tab label
Newly introduced since 2.1.27.26
#2453 account creation... password sent in email is "undefined"
#2455 Unable to login after upgrade from 2.1.27.23 => 2.1.27.25
Newly introduced since 2.1.27.25
#2454 Update from 2.1.27.23 to 2.1.27.24 doesn't work
Newly introduced since 2.1.27.24
#2452 Fix API URL
#2438 Add new user fails due to missing default for not null fields
#2436 Undefined variable: user_id in api/functions.php
#2432 Empty item URL automatically fills with 'https://'
#2426 New option to force admin user to get connect using 2 factor code
#2416 Backslash in user's password
#2401 New LDAP account has full access when they log in for the first time
/!\This new version fixes a very old design choice regarding the encoding of user names. It may impacts your users in some specific cases. The fix consists in authenticating twice.
Newly introduced since 2.1.27.23
#2419 Cannot show password by using item menu bars entry
#2418 Generatinga new password for a user fails with error
#2403 Cannot Login using LDAP user
Newly introduced since 2.1.27.22
#2408 Password complexity not enforced
#2326 link copy doesn't work corectly
Newly introduced since 2.1.27.21
#2398 User unable to change their own password from profile window
#2395 php warning in logs
#2376 fix link in readme
Newly introduced since 2.1.27.20
#2394 knowledge base page characters appear with "?"
#2393 After Deleting User, KB Is Blank
#2380 Increase fields size to prevent errors
#2372 Upload a file with dash in file name wil be renamed with underscore
Fix: loading folder information is wrong when using 'max'
Fix: error message item already exits culd appear on item edition
Security fix - Sanitized GET values in case of user password recovery (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.19
#2379 Setting "Number of items to retrieve per query" to Max
Newly introduced since 2.1.27.18
#2378 Personal sub-subfolders do not appear
#2373 Internal Server Error 500 Profile Window
Newly introduced since 2.1.27.17
#2367 Incorrect import into personal folder
#2364 Using another protocol than HTTP for the URL is not possible
#2362 Removed excess item id from API url add/item
#2360 Show logs without any auth
#2355 Return the parent folder ids on API call read/userfolders
#2353 Generate Password not working - wrong POST field
#2349 Folder with flag "allow empty password" says "Insufficient password strenght" on item edition
#2347 Disable "Forgot Password?" link feature not working
#2346 [CSV-Import] convert field to string bevore using replace()
#2345 restore, enter decrypt key then system logs out
#2341 API - Incorrect update item parameters decoding
#2334 error adding entry with the same name then another entry in a different folder
#2314 SQL error in API near user name
#2312 API Issue adding folder on root
#2290 Protection of OTV page errors
#2298 support for login through http header
#2265 API - Add item - comma separated base64 encoded string
Fix - in bug report, the email password is visible
Fix - 'Hide inaccessible password folder' doesn't work in all cases
Security fix - DUO codes are sanitized (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Through URL some operations were possible with no user rights check (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Backup key is generated by default (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.16
New - Added folders filter in Manage Roles page
New - Added folders alphabet filter in Manage Folders page
#2279 Google Authentication no link
#2277 Import fails when Login: / Account: has a backslash inside of it
#2274 Import from csv-list includes items that are marked as already imported
#2263 New upload settings to permit empty files and/or any extensions to be uploaded
Newly introduced since 2.1.27.15
#2266 Google 2FA mail for temporary code is blank
Newly introduced since 2.1.27.14
Fix for missing install/upgrade instructions
Newly introduced since 2.1.27.13
New - Templating system based upon Custom Fields
#2256 User can select his 2FA methods if several selected
#2253 Google Authenticator not working
#2248 Item suggestion is not available from Regular User
#2246 Copy folder does not copy rights structure
#2245 TeamPass 2FA QR Code won't show after providing activiation code
#2244 html entities get interpreted inside passwords
Newly introduced since 2.1.27.12
Added new option permitting to enable secure image preview
Added warning to user if login attempts identified since last successful connection
Added Yubico support for 2FA authentication
Added restriction access to Custom Fields
Added textarea format for custom field
Improved the possibility to move files folder outside of Teampass Domain
Improved user creation with LDAP and Google and DUO 2FA
Improved log in case of failed authentication - used login is shown
Improved syslog message format
Updated library PHPMailer to 5.5
#2223 Error while using php v5.6
#2206 New ldap user and ad password change
#2204 Password copy - cryptic log entry using syslog
#2202 Search functionality - no log entry upon display
#2201 Search functionality - password shown in plaintext
#2198 Hang when changing second folder password strength and required password strength
#2196 API create item fails when Base64 encoding contains "/"
#2192 Encrypted Files Are Stored (Temporary) in Plaintext And Can Be Downloaded Without Authorization
#2191 Bad redirection to login form on password recovery process
#2189 (Google) 2FA Does Not Work With LDAP (Windows / Active Directory)
Newly introduced since 2.1.27.11
Changed licensing to GNU GPL-3.0
New - User must provide a reason to access a restricted item
New - Add option to have local and remote accounts when LDAP is enabled
Improved security of password generator with php7
Improved cannot edit user without email
Improved read-only user limitation to copy folder and import action
Improved tree rebuild with API on folders change
Improved tables primary and index usage
Improved LDAP new user by default role
Improved visibility of path in items list result
Improved email body with item path
Introduced an API key by user
Fix for API keys truncated
Fix offline password dispay in case of html tags similar in password
Fix failed folder creation in case of password complexity not reached
Fix missing quick icons in search results
#2175 Apostrophes are not handled correctly in usernames
#2174 Offline mode file bypass read right restrictions
#2172 2FA Reset Link Can Be Abused
#2168 API for adding users is not working
#2167 Info tab is not working if behind a proxy
#2161 Missing backslash in acount name
#2160 Added a test for preventing Folders list not shown
#2154 Personal saltkey is not stored when option enabled
#2153 [{"error":"no_key_provided"} when running backup script on teampass container
#2152 No search result and empty popup appear
#2151 Error in knowledge base that does not show option to swap pages
#2140 Moving subfolder to root level not possible
#2127 Grant access with simple folder copy
#2118 Empty user at Keepass file is not empty after import
#2116 Insufficient password strength when creating Offline Mode
#2115 Fix script backup issue with encryption key
#2111 Add support for login through http header
#2109 restrict login to Group Ldap don't work
#2102 Changed field renewal_period size
#2096 Offline mode decryption fails if too much items exported
#2095 Can't upload files on items - Plupload update
#2094 PHP 7.2: Call to undefined function mcrypt_encrypt()
#2093 role human resources doesn't access expected pages
#2090 On folder copy, an empty message box is shown
#2087 Custom fields displayed if empty
#2085 CSV import error if URL too long
#2082 API: new folder is allocated to same roles as its parent
#2081 LDAP bug, can't check con...
Release 2.1.27.30
Refer to changelog file to know main changes in Release 2.1.27.
New during upgrade
When upgrading, you need to indicate a valid administrator name/password, and you will also need to copy the saltkey into a password filed. It will be saved inside your database.
No database data are shown anymore. If the database information are changing, you need to update the file /includes/config/settings.php before starting upgrade.
IMPORTANT NOTE for users that have migrated to 2.1.27.0 and that have file encryption option enabled
Files encryption process have completely being reworked. Before upgrading, please do the next:
- open upload folder
- copy existing files in a temporary folder
- restore the files from a backup of a previous version (for example 2.1.26)
- start upgrade
Newly introduced since 2.1.27.30
#2486 Editing roles on users wipes dissimilar roles
#2458 Items folder automatically changes to the personal one
#2472 Nginx webroot is incorrect in Docker image. Fixed by merging #2477
Newly introduced since 2.1.27.29
#2467, #2465 Cant login with normal user with hacking attempt message
Newly introduced since 2.1.27.28
#2461 Install procedure failing
#2457 Endless DB upgrade loop when upgrading
Newly introduced since 2.1.27.27
#2456 Postpone treatment to get user location (ipapi.co usage)
#2431 Correct item creation/edit tab label
Newly introduced since 2.1.27.26
#2453 account creation... password sent in email is "undefined"
#2455 Unable to login after upgrade from 2.1.27.23 => 2.1.27.25
Newly introduced since 2.1.27.25
#2454 Update from 2.1.27.23 to 2.1.27.24 doesn't work
Newly introduced since 2.1.27.24
#2452 Fix API URL
#2438 Add new user fails due to missing default for not null fields
#2436 Undefined variable: user_id in api/functions.php
#2432 Empty item URL automatically fills with 'https://'
#2426 New option to force admin user to get connect using 2 factor code
#2416 Backslash in user's password
#2401 New LDAP account has full access when they log in for the first time
/!\This new version fixes a very old design choice regarding the encoding of user names. It may impacts your users in some specific cases. The fix consists in authenticating twice.
Newly introduced since 2.1.27.23
#2419 Cannot show password by using item menu bars entry
#2418 Generatinga new password for a user fails with error
#2403 Cannot Login using LDAP user
Newly introduced since 2.1.27.22
#2408 Password complexity not enforced
#2326 link copy doesn't work corectly
Newly introduced since 2.1.27.21
#2398 User unable to change their own password from profile window
#2395 php warning in logs
#2376 fix link in readme
Newly introduced since 2.1.27.20
#2394 knowledge base page characters appear with "?"
#2393 After Deleting User, KB Is Blank
#2380 Increase fields size to prevent errors
#2372 Upload a file with dash in file name wil be renamed with underscore
Fix: loading folder information is wrong when using 'max'
Fix: error message item already exits culd appear on item edition
Security fix - Sanitized GET values in case of user password recovery (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.19
#2379 Setting "Number of items to retrieve per query" to Max
Newly introduced since 2.1.27.18
#2378 Personal sub-subfolders do not appear
#2373 Internal Server Error 500 Profile Window
Newly introduced since 2.1.27.17
#2367 Incorrect import into personal folder
#2364 Using another protocol than HTTP for the URL is not possible
#2362 Removed excess item id from API url add/item
#2360 Show logs without any auth
#2355 Return the parent folder ids on API call read/userfolders
#2353 Generate Password not working - wrong POST field
#2349 Folder with flag "allow empty password" says "Insufficient password strenght" on item edition
#2347 Disable "Forgot Password?" link feature not working
#2346 [CSV-Import] convert field to string bevore using replace()
#2345 restore, enter decrypt key then system logs out
#2341 API - Incorrect update item parameters decoding
#2334 error adding entry with the same name then another entry in a different folder
#2314 SQL error in API near user name
#2312 API Issue adding folder on root
#2290 Protection of OTV page errors
#2298 support for login through http header
#2265 API - Add item - comma separated base64 encoded string
Fix - in bug report, the email password is visible
Fix - 'Hide inaccessible password folder' doesn't work in all cases
Security fix - DUO codes are sanitized (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Through URL some operations were possible with no user rights check (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Backup key is generated by default (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.16
New - Added folders filter in Manage Roles page
New - Added folders alphabet filter in Manage Folders page
#2279 Google Authentication no link
#2277 Import fails when Login: / Account: has a backslash inside of it
#2274 Import from csv-list includes items that are marked as already imported
#2263 New upload settings to permit empty files and/or any extensions to be uploaded
Newly introduced since 2.1.27.15
#2266 Google 2FA mail for temporary code is blank
Newly introduced since 2.1.27.14
Fix for missing install/upgrade instructions
Newly introduced since 2.1.27.13
New - Templating system based upon Custom Fields
#2256 User can select his 2FA methods if several selected
#2253 Google Authenticator not working
#2248 Item suggestion is not available from Regular User
#2246 Copy folder does not copy rights structure
#2245 TeamPass 2FA QR Code won't show after providing activiation code
#2244 html entities get interpreted inside passwords
Newly introduced since 2.1.27.12
Added new option permitting to enable secure image preview
Added warning to user if login attempts identified since last successful connection
Added Yubico support for 2FA authentication
Added restriction access to Custom Fields
Added textarea format for custom field
Improved the possibility to move files folder outside of Teampass Domain
Improved user creation with LDAP and Google and DUO 2FA
Improved log in case of failed authentication - used login is shown
Improved syslog message format
Updated library PHPMailer to 5.5
#2223 Error while using php v5.6
#2206 New ldap user and ad password change
#2204 Password copy - cryptic log entry using syslog
#2202 Search functionality - no log entry upon display
#2201 Search functionality - password shown in plaintext
#2198 Hang when changing second folder password strength and required password strength
#2196 API create item fails when Base64 encoding contains "/"
#2192 Encrypted Files Are Stored (Temporary) in Plaintext And Can Be Downloaded Without Authorization
#2191 Bad redirection to login form on password recovery process
#2189 (Google) 2FA Does Not Work With LDAP (Windows / Active Directory)
Newly introduced since 2.1.27.11
Changed licensing to GNU GPL-3.0
New - User must provide a reason to access a restricted item
New - Add option to have local and remote accounts when LDAP is enabled
Improved security of password generator with php7
Improved cannot edit user without email
Improved read-only user limitation to copy folder and import action
Improved tree rebuild with API on folders change
Improved tables primary and index usage
Improved LDAP new user by default role
Improved visibility of path in items list result
Improved email body with item path
Introduced an API key by user
Fix for API keys truncated
Fix offline password dispay in case of html tags similar in password
Fix failed folder creation in case of password complexity not reached
Fix missing quick icons in search results
#2175 Apostrophes are not handled correctly in usernames
#2174 Offline mode file bypass read right restrictions
#2172 2FA Reset Link Can Be Abused
#2168 API for adding users is not working
#2167 Info tab is not working if behind a proxy
#2161 Missing backslash in acount name
#2160 Added a test for preventing Folders list not shown
#2154 Personal saltkey is not stored when option enabled
#2153 [{"error":"no_key_provided"} when running backup script on teampass container
#2152 No search result and empty popup appear
#2151 Error in knowledge base that does not show option to swap pages
#2140 Moving subfolder to root level not possible
#2127 Grant access with simple folder copy
#2118 Empty user at Keepass file is not empty after import
#2116 Insufficient password strength when creating Offline Mode
#2115 Fix script backup issue with encryption key
#2111 Add support for login through http header
#2109 restrict login to Group Ldap don't work
#2102 Changed field renewal_period size
#2096 Offline mode decryption fails if too much items exported
#2095 Can't upload files on items - Plupload update
#2094 PHP 7.2: Call to undefined function mcrypt_encrypt()
#2093 role human resources doesn't access expected pages
#2090 On folder copy, an empty message box is shown
#2087 Custom fields displayed if empty
#2085 CSV import error if URL too long
#2082 API: new folder is allocated to same roles as its parent
#2081 LDAP bug, can't check connection
#2080 Email sent on password copy in the clipboard
#2078 Purge Logs not selection not working properly
#2077 API: Deleting non existing folder deletes all folders
#2075 Button "delete selected Items" doesn't work
#2074 Backup by script not working
#2073 Move selected Items button
#2071 Search not working for items with multiple "Restricted to:...
Release 2.1.27.29
Refer to changelog file to know main changes in Release 2.1.27.
New during upgrade
When upgrading, you need to indicate a valid administrator name/password, and you will also need to copy the saltkey into a password filed. It will be saved inside your database.
No database data are shown anymore. If the database information are changing, you need to update the file /includes/config/settings.php before starting upgrade.
IMPORTANT NOTE for users that have migrated to 2.1.27.0 and that have file encryption option enabled
Files encryption process have completely being reworked. Before upgrading, please do the next:
- open upload folder
- copy existing files in a temporary folder
- restore the files from a backup of a previous version (for example 2.1.26)
- start upgrade
Newly introduced since 2.1.27.29
#2467, #2465 Cant login with normal user with hacking attempt message
Newly introduced since 2.1.27.28
#2461 Install procedure failing
#2457 Endless DB upgrade loop when upgrading
Newly introduced since 2.1.27.27
#2456 Postpone treatment to get user location (ipapi.co usage)
#2431 Correct item creation/edit tab label
Newly introduced since 2.1.27.26
#2453 account creation... password sent in email is "undefined"
#2455 Unable to login after upgrade from 2.1.27.23 => 2.1.27.25
Newly introduced since 2.1.27.25
#2454 Update from 2.1.27.23 to 2.1.27.24 doesn't work
Newly introduced since 2.1.27.24
#2452 Fix API URL
#2438 Add new user fails due to missing default for not null fields
#2436 Undefined variable: user_id in api/functions.php
#2432 Empty item URL automatically fills with 'https://'
#2426 New option to force admin user to get connect using 2 factor code
#2416 Backslash in user's password
#2401 New LDAP account has full access when they log in for the first time
/!\This new version fixes a very old design choice regarding the encoding of user names. It may impacts your users in some specific cases. The fix consists in authenticating twice.
Newly introduced since 2.1.27.23
#2419 Cannot show password by using item menu bars entry
#2418 Generatinga new password for a user fails with error
#2403 Cannot Login using LDAP user
Newly introduced since 2.1.27.22
#2408 Password complexity not enforced
#2326 link copy doesn't work corectly
Newly introduced since 2.1.27.21
#2398 User unable to change their own password from profile window
#2395 php warning in logs
#2376 fix link in readme
Newly introduced since 2.1.27.20
#2394 knowledge base page characters appear with "?"
#2393 After Deleting User, KB Is Blank
#2380 Increase fields size to prevent errors
#2372 Upload a file with dash in file name wil be renamed with underscore
Fix: loading folder information is wrong when using 'max'
Fix: error message item already exits culd appear on item edition
Security fix - Sanitized GET values in case of user password recovery (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.19
#2379 Setting "Number of items to retrieve per query" to Max
Newly introduced since 2.1.27.18
#2378 Personal sub-subfolders do not appear
#2373 Internal Server Error 500 Profile Window
Newly introduced since 2.1.27.17
#2367 Incorrect import into personal folder
#2364 Using another protocol than HTTP for the URL is not possible
#2362 Removed excess item id from API url add/item
#2360 Show logs without any auth
#2355 Return the parent folder ids on API call read/userfolders
#2353 Generate Password not working - wrong POST field
#2349 Folder with flag "allow empty password" says "Insufficient password strenght" on item edition
#2347 Disable "Forgot Password?" link feature not working
#2346 [CSV-Import] convert field to string bevore using replace()
#2345 restore, enter decrypt key then system logs out
#2341 API - Incorrect update item parameters decoding
#2334 error adding entry with the same name then another entry in a different folder
#2314 SQL error in API near user name
#2312 API Issue adding folder on root
#2290 Protection of OTV page errors
#2298 support for login through http header
#2265 API - Add item - comma separated base64 encoded string
Fix - in bug report, the email password is visible
Fix - 'Hide inaccessible password folder' doesn't work in all cases
Security fix - DUO codes are sanitized (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Through URL some operations were possible with no user rights check (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Backup key is generated by default (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.16
New - Added folders filter in Manage Roles page
New - Added folders alphabet filter in Manage Folders page
#2279 Google Authentication no link
#2277 Import fails when Login: / Account: has a backslash inside of it
#2274 Import from csv-list includes items that are marked as already imported
#2263 New upload settings to permit empty files and/or any extensions to be uploaded
Newly introduced since 2.1.27.15
#2266 Google 2FA mail for temporary code is blank
Newly introduced since 2.1.27.14
Fix for missing install/upgrade instructions
Newly introduced since 2.1.27.13
New - Templating system based upon Custom Fields
#2256 User can select his 2FA methods if several selected
#2253 Google Authenticator not working
#2248 Item suggestion is not available from Regular User
#2246 Copy folder does not copy rights structure
#2245 TeamPass 2FA QR Code won't show after providing activiation code
#2244 html entities get interpreted inside passwords
Newly introduced since 2.1.27.12
Added new option permitting to enable secure image preview
Added warning to user if login attempts identified since last successful connection
Added Yubico support for 2FA authentication
Added restriction access to Custom Fields
Added textarea format for custom field
Improved the possibility to move files folder outside of Teampass Domain
Improved user creation with LDAP and Google and DUO 2FA
Improved log in case of failed authentication - used login is shown
Improved syslog message format
Updated library PHPMailer to 5.5
#2223 Error while using php v5.6
#2206 New ldap user and ad password change
#2204 Password copy - cryptic log entry using syslog
#2202 Search functionality - no log entry upon display
#2201 Search functionality - password shown in plaintext
#2198 Hang when changing second folder password strength and required password strength
#2196 API create item fails when Base64 encoding contains "/"
#2192 Encrypted Files Are Stored (Temporary) in Plaintext And Can Be Downloaded Without Authorization
#2191 Bad redirection to login form on password recovery process
#2189 (Google) 2FA Does Not Work With LDAP (Windows / Active Directory)
Newly introduced since 2.1.27.11
Changed licensing to GNU GPL-3.0
New - User must provide a reason to access a restricted item
New - Add option to have local and remote accounts when LDAP is enabled
Improved security of password generator with php7
Improved cannot edit user without email
Improved read-only user limitation to copy folder and import action
Improved tree rebuild with API on folders change
Improved tables primary and index usage
Improved LDAP new user by default role
Improved visibility of path in items list result
Improved email body with item path
Introduced an API key by user
Fix for API keys truncated
Fix offline password dispay in case of html tags similar in password
Fix failed folder creation in case of password complexity not reached
Fix missing quick icons in search results
#2175 Apostrophes are not handled correctly in usernames
#2174 Offline mode file bypass read right restrictions
#2172 2FA Reset Link Can Be Abused
#2168 API for adding users is not working
#2167 Info tab is not working if behind a proxy
#2161 Missing backslash in acount name
#2160 Added a test for preventing Folders list not shown
#2154 Personal saltkey is not stored when option enabled
#2153 [{"error":"no_key_provided"} when running backup script on teampass container
#2152 No search result and empty popup appear
#2151 Error in knowledge base that does not show option to swap pages
#2140 Moving subfolder to root level not possible
#2127 Grant access with simple folder copy
#2118 Empty user at Keepass file is not empty after import
#2116 Insufficient password strength when creating Offline Mode
#2115 Fix script backup issue with encryption key
#2111 Add support for login through http header
#2109 restrict login to Group Ldap don't work
#2102 Changed field renewal_period size
#2096 Offline mode decryption fails if too much items exported
#2095 Can't upload files on items - Plupload update
#2094 PHP 7.2: Call to undefined function mcrypt_encrypt()
#2093 role human resources doesn't access expected pages
#2090 On folder copy, an empty message box is shown
#2087 Custom fields displayed if empty
#2085 CSV import error if URL too long
#2082 API: new folder is allocated to same roles as its parent
#2081 LDAP bug, can't check connection
#2080 Email sent on password copy in the clipboard
#2078 Purge Logs not selection not working properly
#2077 API: Deleting non existing folder deletes all folders
#2075 Button "delete selected Items" doesn't work
#2074 Backup by script not working
#2073 Move selected Items button
#2071 Search not working for items with multiple "Restricted to:" roles selected
#2069 Copy a read-only folder to a read-only folder
#2066 Read Only Users can Drag and drop items to there personal folder
#2065 send GAUTH-code on login form doesn't warn user if no email is set
#2064 LDAP...
Release 2.1.27.28
Refer to changelog file to know main changes in Release 2.1.27.
New during upgrade
When upgrading, you need to indicate a valid administrator name/password, and you will also need to copy the saltkey into a password filed. It will be saved inside your database.
No database data are shown anymore. If the database information are changing, you need to update the file /includes/config/settings.php before starting upgrade.
IMPORTANT NOTE for users that have migrated to 2.1.27.0 and that have file encryption option enabled
Files encryption process have completely being reworked. Before upgrading, please do the next:
- open upload folder
- copy existing files in a temporary folder
- restore the files from a backup of a previous version (for example 2.1.26)
- start upgrade
Newly introduced since 2.1.27.28
#2461 Install procedure failing
#2457 Endless DB upgrade loop when upgrading
Newly introduced since 2.1.27.27
#2456 Postpone treatment to get user location (ipapi.co usage)
#2431 Correct item creation/edit tab label
Newly introduced since 2.1.27.26
#2453 account creation... password sent in email is "undefined"
#2455 Unable to login after upgrade from 2.1.27.23 => 2.1.27.25
Newly introduced since 2.1.27.25
#2454 Update from 2.1.27.23 to 2.1.27.24 doesn't work
Newly introduced since 2.1.27.24
#2452 Fix API URL
#2438 Add new user fails due to missing default for not null fields
#2436 Undefined variable: user_id in api/functions.php
#2432 Empty item URL automatically fills with 'https://'
#2426 New option to force admin user to get connect using 2 factor code
#2416 Backslash in user's password
#2401 New LDAP account has full access when they log in for the first time
/!\This new version fixes a very old design choice regarding the encoding of user names. It may impacts your users in some specific cases. The fix consists in authenticating twice.
Newly introduced since 2.1.27.23
#2419 Cannot show password by using item menu bars entry
#2418 Generatinga new password for a user fails with error
#2403 Cannot Login using LDAP user
Newly introduced since 2.1.27.22
#2408 Password complexity not enforced
#2326 link copy doesn't work corectly
Newly introduced since 2.1.27.21
#2398 User unable to change their own password from profile window
#2395 php warning in logs
#2376 fix link in readme
Newly introduced since 2.1.27.20
#2394 knowledge base page characters appear with "?"
#2393 After Deleting User, KB Is Blank
#2380 Increase fields size to prevent errors
#2372 Upload a file with dash in file name wil be renamed with underscore
Fix: loading folder information is wrong when using 'max'
Fix: error message item already exits culd appear on item edition
Security fix - Sanitized GET values in case of user password recovery (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.19
#2379 Setting "Number of items to retrieve per query" to Max
Newly introduced since 2.1.27.18
#2378 Personal sub-subfolders do not appear
#2373 Internal Server Error 500 Profile Window
Newly introduced since 2.1.27.17
#2367 Incorrect import into personal folder
#2364 Using another protocol than HTTP for the URL is not possible
#2362 Removed excess item id from API url add/item
#2360 Show logs without any auth
#2355 Return the parent folder ids on API call read/userfolders
#2353 Generate Password not working - wrong POST field
#2349 Folder with flag "allow empty password" says "Insufficient password strenght" on item edition
#2347 Disable "Forgot Password?" link feature not working
#2346 [CSV-Import] convert field to string bevore using replace()
#2345 restore, enter decrypt key then system logs out
#2341 API - Incorrect update item parameters decoding
#2334 error adding entry with the same name then another entry in a different folder
#2314 SQL error in API near user name
#2312 API Issue adding folder on root
#2290 Protection of OTV page errors
#2298 support for login through http header
#2265 API - Add item - comma separated base64 encoded string
Fix - in bug report, the email password is visible
Fix - 'Hide inaccessible password folder' doesn't work in all cases
Security fix - DUO codes are sanitized (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Through URL some operations were possible with no user rights check (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Backup key is generated by default (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.16
New - Added folders filter in Manage Roles page
New - Added folders alphabet filter in Manage Folders page
#2279 Google Authentication no link
#2277 Import fails when Login: / Account: has a backslash inside of it
#2274 Import from csv-list includes items that are marked as already imported
#2263 New upload settings to permit empty files and/or any extensions to be uploaded
Newly introduced since 2.1.27.15
#2266 Google 2FA mail for temporary code is blank
Newly introduced since 2.1.27.14
Fix for missing install/upgrade instructions
Newly introduced since 2.1.27.13
New - Templating system based upon Custom Fields
#2256 User can select his 2FA methods if several selected
#2253 Google Authenticator not working
#2248 Item suggestion is not available from Regular User
#2246 Copy folder does not copy rights structure
#2245 TeamPass 2FA QR Code won't show after providing activiation code
#2244 html entities get interpreted inside passwords
Newly introduced since 2.1.27.12
Added new option permitting to enable secure image preview
Added warning to user if login attempts identified since last successful connection
Added Yubico support for 2FA authentication
Added restriction access to Custom Fields
Added textarea format for custom field
Improved the possibility to move files folder outside of Teampass Domain
Improved user creation with LDAP and Google and DUO 2FA
Improved log in case of failed authentication - used login is shown
Improved syslog message format
Updated library PHPMailer to 5.5
#2223 Error while using php v5.6
#2206 New ldap user and ad password change
#2204 Password copy - cryptic log entry using syslog
#2202 Search functionality - no log entry upon display
#2201 Search functionality - password shown in plaintext
#2198 Hang when changing second folder password strength and required password strength
#2196 API create item fails when Base64 encoding contains "/"
#2192 Encrypted Files Are Stored (Temporary) in Plaintext And Can Be Downloaded Without Authorization
#2191 Bad redirection to login form on password recovery process
#2189 (Google) 2FA Does Not Work With LDAP (Windows / Active Directory)
Newly introduced since 2.1.27.11
Changed licensing to GNU GPL-3.0
New - User must provide a reason to access a restricted item
New - Add option to have local and remote accounts when LDAP is enabled
Improved security of password generator with php7
Improved cannot edit user without email
Improved read-only user limitation to copy folder and import action
Improved tree rebuild with API on folders change
Improved tables primary and index usage
Improved LDAP new user by default role
Improved visibility of path in items list result
Improved email body with item path
Introduced an API key by user
Fix for API keys truncated
Fix offline password dispay in case of html tags similar in password
Fix failed folder creation in case of password complexity not reached
Fix missing quick icons in search results
#2175 Apostrophes are not handled correctly in usernames
#2174 Offline mode file bypass read right restrictions
#2172 2FA Reset Link Can Be Abused
#2168 API for adding users is not working
#2167 Info tab is not working if behind a proxy
#2161 Missing backslash in acount name
#2160 Added a test for preventing Folders list not shown
#2154 Personal saltkey is not stored when option enabled
#2153 [{"error":"no_key_provided"} when running backup script on teampass container
#2152 No search result and empty popup appear
#2151 Error in knowledge base that does not show option to swap pages
#2140 Moving subfolder to root level not possible
#2127 Grant access with simple folder copy
#2118 Empty user at Keepass file is not empty after import
#2116 Insufficient password strength when creating Offline Mode
#2115 Fix script backup issue with encryption key
#2111 Add support for login through http header
#2109 restrict login to Group Ldap don't work
#2102 Changed field renewal_period size
#2096 Offline mode decryption fails if too much items exported
#2095 Can't upload files on items - Plupload update
#2094 PHP 7.2: Call to undefined function mcrypt_encrypt()
#2093 role human resources doesn't access expected pages
#2090 On folder copy, an empty message box is shown
#2087 Custom fields displayed if empty
#2085 CSV import error if URL too long
#2082 API: new folder is allocated to same roles as its parent
#2081 LDAP bug, can't check connection
#2080 Email sent on password copy in the clipboard
#2078 Purge Logs not selection not working properly
#2077 API: Deleting non existing folder deletes all folders
#2075 Button "delete selected Items" doesn't work
#2074 Backup by script not working
#2073 Move selected Items button
#2071 Search not working for items with multiple "Restricted to:" roles selected
#2069 Copy a read-only folder to a read-only folder
#2066 Read Only Users can Drag and drop items to there personal folder
#2065 send GAUTH-code on login form doesn't warn user if no email is set
#2064 LDAP and DUO users with administrator role taken to items page then logged out
#2063 Setting "Hide forgot passw...
Release 2.1.27.27
Refer to changelog file to know main changes in Release 2.1.27.
New during upgrade
When upgrading, you need to indicate a valid administrator name/password, and you will also need to copy the saltkey into a password filed. It will be saved inside your database.
No database data are shown anymore. If the database information are changing, you need to update the file /includes/config/settings.php before starting upgrade.
IMPORTANT NOTE for users that have migrated to 2.1.27.0 and that have file encryption option enabled
Files encryption process have completely being reworked. Before upgrading, please do the next:
- open upload folder
- copy existing files in a temporary folder
- restore the files from a backup of a previous version (for example 2.1.26)
- start upgrade
Newly introduced since 2.1.27.27
#2456 Postpone treatment to get user location (ipapi.co usage)
#2431 Correct item creation/edit tab label
Newly introduced since 2.1.27.26
#2453 account creation... password sent in email is "undefined"
#2455 Unable to login after upgrade from 2.1.27.23 => 2.1.27.25
Newly introduced since 2.1.27.25
#2454 Update from 2.1.27.23 to 2.1.27.24 doesn't work
Newly introduced since 2.1.27.24
#2452 Fix API URL
#2438 Add new user fails due to missing default for not null fields
#2436 Undefined variable: user_id in api/functions.php
#2432 Empty item URL automatically fills with 'https://'
#2426 New option to force admin user to get connect using 2 factor code
#2416 Backslash in user's password
#2401 New LDAP account has full access when they log in for the first time
/!\This new version fixes a very old design choice regarding the encoding of user names. It may impacts your users in some specific cases. The fix consists in authenticating twice.
Newly introduced since 2.1.27.23
#2419 Cannot show password by using item menu bars entry
#2418 Generatinga new password for a user fails with error
#2403 Cannot Login using LDAP user
Newly introduced since 2.1.27.22
#2408 Password complexity not enforced
#2326 link copy doesn't work corectly
Newly introduced since 2.1.27.21
#2398 User unable to change their own password from profile window
#2395 php warning in logs
#2376 fix link in readme
Newly introduced since 2.1.27.20
#2394 knowledge base page characters appear with "?"
#2393 After Deleting User, KB Is Blank
#2380 Increase fields size to prevent errors
#2372 Upload a file with dash in file name wil be renamed with underscore
Fix: loading folder information is wrong when using 'max'
Fix: error message item already exits culd appear on item edition
Security fix - Sanitized GET values in case of user password recovery (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.19
#2379 Setting "Number of items to retrieve per query" to Max
Newly introduced since 2.1.27.18
#2378 Personal sub-subfolders do not appear
#2373 Internal Server Error 500 Profile Window
Newly introduced since 2.1.27.17
#2367 Incorrect import into personal folder
#2364 Using another protocol than HTTP for the URL is not possible
#2362 Removed excess item id from API url add/item
#2360 Show logs without any auth
#2355 Return the parent folder ids on API call read/userfolders
#2353 Generate Password not working - wrong POST field
#2349 Folder with flag "allow empty password" says "Insufficient password strenght" on item edition
#2347 Disable "Forgot Password?" link feature not working
#2346 [CSV-Import] convert field to string bevore using replace()
#2345 restore, enter decrypt key then system logs out
#2341 API - Incorrect update item parameters decoding
#2334 error adding entry with the same name then another entry in a different folder
#2314 SQL error in API near user name
#2312 API Issue adding folder on root
#2290 Protection of OTV page errors
#2298 support for login through http header
#2265 API - Add item - comma separated base64 encoded string
Fix - in bug report, the email password is visible
Fix - 'Hide inaccessible password folder' doesn't work in all cases
Security fix - DUO codes are sanitized (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Through URL some operations were possible with no user rights check (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Backup key is generated by default (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.16
New - Added folders filter in Manage Roles page
New - Added folders alphabet filter in Manage Folders page
#2279 Google Authentication no link
#2277 Import fails when Login: / Account: has a backslash inside of it
#2274 Import from csv-list includes items that are marked as already imported
#2263 New upload settings to permit empty files and/or any extensions to be uploaded
Newly introduced since 2.1.27.15
#2266 Google 2FA mail for temporary code is blank
Newly introduced since 2.1.27.14
Fix for missing install/upgrade instructions
Newly introduced since 2.1.27.13
New - Templating system based upon Custom Fields
#2256 User can select his 2FA methods if several selected
#2253 Google Authenticator not working
#2248 Item suggestion is not available from Regular User
#2246 Copy folder does not copy rights structure
#2245 TeamPass 2FA QR Code won't show after providing activiation code
#2244 html entities get interpreted inside passwords
Newly introduced since 2.1.27.12
Added new option permitting to enable secure image preview
Added warning to user if login attempts identified since last successful connection
Added Yubico support for 2FA authentication
Added restriction access to Custom Fields
Added textarea format for custom field
Improved the possibility to move files folder outside of Teampass Domain
Improved user creation with LDAP and Google and DUO 2FA
Improved log in case of failed authentication - used login is shown
Improved syslog message format
Updated library PHPMailer to 5.5
#2223 Error while using php v5.6
#2206 New ldap user and ad password change
#2204 Password copy - cryptic log entry using syslog
#2202 Search functionality - no log entry upon display
#2201 Search functionality - password shown in plaintext
#2198 Hang when changing second folder password strength and required password strength
#2196 API create item fails when Base64 encoding contains "/"
#2192 Encrypted Files Are Stored (Temporary) in Plaintext And Can Be Downloaded Without Authorization
#2191 Bad redirection to login form on password recovery process
#2189 (Google) 2FA Does Not Work With LDAP (Windows / Active Directory)
Newly introduced since 2.1.27.11
Changed licensing to GNU GPL-3.0
New - User must provide a reason to access a restricted item
New - Add option to have local and remote accounts when LDAP is enabled
Improved security of password generator with php7
Improved cannot edit user without email
Improved read-only user limitation to copy folder and import action
Improved tree rebuild with API on folders change
Improved tables primary and index usage
Improved LDAP new user by default role
Improved visibility of path in items list result
Improved email body with item path
Introduced an API key by user
Fix for API keys truncated
Fix offline password dispay in case of html tags similar in password
Fix failed folder creation in case of password complexity not reached
Fix missing quick icons in search results
#2175 Apostrophes are not handled correctly in usernames
#2174 Offline mode file bypass read right restrictions
#2172 2FA Reset Link Can Be Abused
#2168 API for adding users is not working
#2167 Info tab is not working if behind a proxy
#2161 Missing backslash in acount name
#2160 Added a test for preventing Folders list not shown
#2154 Personal saltkey is not stored when option enabled
#2153 [{"error":"no_key_provided"} when running backup script on teampass container
#2152 No search result and empty popup appear
#2151 Error in knowledge base that does not show option to swap pages
#2140 Moving subfolder to root level not possible
#2127 Grant access with simple folder copy
#2118 Empty user at Keepass file is not empty after import
#2116 Insufficient password strength when creating Offline Mode
#2115 Fix script backup issue with encryption key
#2111 Add support for login through http header
#2109 restrict login to Group Ldap don't work
#2102 Changed field renewal_period size
#2096 Offline mode decryption fails if too much items exported
#2095 Can't upload files on items - Plupload update
#2094 PHP 7.2: Call to undefined function mcrypt_encrypt()
#2093 role human resources doesn't access expected pages
#2090 On folder copy, an empty message box is shown
#2087 Custom fields displayed if empty
#2085 CSV import error if URL too long
#2082 API: new folder is allocated to same roles as its parent
#2081 LDAP bug, can't check connection
#2080 Email sent on password copy in the clipboard
#2078 Purge Logs not selection not working properly
#2077 API: Deleting non existing folder deletes all folders
#2075 Button "delete selected Items" doesn't work
#2074 Backup by script not working
#2073 Move selected Items button
#2071 Search not working for items with multiple "Restricted to:" roles selected
#2069 Copy a read-only folder to a read-only folder
#2066 Read Only Users can Drag and drop items to there personal folder
#2065 send GAUTH-code on login form doesn't warn user if no email is set
#2064 LDAP and DUO users with administrator role taken to items page then logged out
#2063 Setting "Hide forgot password link on Home page" not correctly displayed
#2059 Fix for Custom LDAP port and adLDAP
#2035 After first time log...
Release 2.1.27.26
Refer to changelog file to know main changes in Release 2.1.27.
New during upgrade
When upgrading, you need to indicate a valid administrator name/password, and you will also need to copy the saltkey into a password filed. It will be saved inside your database.
No database data are shown anymore. If the database information are changing, you need to update the file /includes/config/settings.php before starting upgrade.
IMPORTANT NOTE for users that have migrated to 2.1.27.0 and that have file encryption option enabled
Files encryption process have completely being reworked. Before upgrading, please do the next:
- open upload folder
- copy existing files in a temporary folder
- restore the files from a backup of a previous version (for example 2.1.26)
- start upgrade
Newly introduced since 2.1.27.26
#2453 account creation... password sent in email is "undefined"
#2455 Unable to login after upgrade from 2.1.27.23 => 2.1.27.25
Newly introduced since 2.1.27.25
#2454 Update from 2.1.27.23 to 2.1.27.24 doesn't work
Newly introduced since 2.1.27.24
#2452 Fix API URL
#2438 Add new user fails due to missing default for not null fields
#2436 Undefined variable: user_id in api/functions.php
#2432 Empty item URL automatically fills with 'https://'
#2426 New option to force admin user to get connect using 2 factor code
#2416 Backslash in user's password
#2401 New LDAP account has full access when they log in for the first time
/!\This new version fixes a very old design choice regarding the encoding of user names. It may impacts your users in some specific cases. The fix consists in authenticating twice.
Newly introduced since 2.1.27.23
#2419 Cannot show password by using item menu bars entry
#2418 Generatinga new password for a user fails with error
#2403 Cannot Login using LDAP user
Newly introduced since 2.1.27.22
#2408 Password complexity not enforced
#2326 link copy doesn't work corectly
Newly introduced since 2.1.27.21
#2398 User unable to change their own password from profile window
#2395 php warning in logs
#2376 fix link in readme
Newly introduced since 2.1.27.20
#2394 knowledge base page characters appear with "?"
#2393 After Deleting User, KB Is Blank
#2380 Increase fields size to prevent errors
#2372 Upload a file with dash in file name wil be renamed with underscore
Fix: loading folder information is wrong when using 'max'
Fix: error message item already exits culd appear on item edition
Security fix - Sanitized GET values in case of user password recovery (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.19
#2379 Setting "Number of items to retrieve per query" to Max
Newly introduced since 2.1.27.18
#2378 Personal sub-subfolders do not appear
#2373 Internal Server Error 500 Profile Window
Newly introduced since 2.1.27.17
#2367 Incorrect import into personal folder
#2364 Using another protocol than HTTP for the URL is not possible
#2362 Removed excess item id from API url add/item
#2360 Show logs without any auth
#2355 Return the parent folder ids on API call read/userfolders
#2353 Generate Password not working - wrong POST field
#2349 Folder with flag "allow empty password" says "Insufficient password strenght" on item edition
#2347 Disable "Forgot Password?" link feature not working
#2346 [CSV-Import] convert field to string bevore using replace()
#2345 restore, enter decrypt key then system logs out
#2341 API - Incorrect update item parameters decoding
#2334 error adding entry with the same name then another entry in a different folder
#2314 SQL error in API near user name
#2312 API Issue adding folder on root
#2290 Protection of OTV page errors
#2298 support for login through http header
#2265 API - Add item - comma separated base64 encoded string
Fix - in bug report, the email password is visible
Fix - 'Hide inaccessible password folder' doesn't work in all cases
Security fix - DUO codes are sanitized (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Through URL some operations were possible with no user rights check (credit for Adam Roberts from http://www.nccgroup.trust/)
Security fix - Backup key is generated by default (credit for Adam Roberts from http://www.nccgroup.trust/)
Newly introduced since 2.1.27.16
New - Added folders filter in Manage Roles page
New - Added folders alphabet filter in Manage Folders page
#2279 Google Authentication no link
#2277 Import fails when Login: / Account: has a backslash inside of it
#2274 Import from csv-list includes items that are marked as already imported
#2263 New upload settings to permit empty files and/or any extensions to be uploaded
Newly introduced since 2.1.27.15
#2266 Google 2FA mail for temporary code is blank
Newly introduced since 2.1.27.14
Fix for missing install/upgrade instructions
Newly introduced since 2.1.27.13
New - Templating system based upon Custom Fields
#2256 User can select his 2FA methods if several selected
#2253 Google Authenticator not working
#2248 Item suggestion is not available from Regular User
#2246 Copy folder does not copy rights structure
#2245 TeamPass 2FA QR Code won't show after providing activiation code
#2244 html entities get interpreted inside passwords
Newly introduced since 2.1.27.12
Added new option permitting to enable secure image preview
Added warning to user if login attempts identified since last successful connection
Added Yubico support for 2FA authentication
Added restriction access to Custom Fields
Added textarea format for custom field
Improved the possibility to move files folder outside of Teampass Domain
Improved user creation with LDAP and Google and DUO 2FA
Improved log in case of failed authentication - used login is shown
Improved syslog message format
Updated library PHPMailer to 5.5
#2223 Error while using php v5.6
#2206 New ldap user and ad password change
#2204 Password copy - cryptic log entry using syslog
#2202 Search functionality - no log entry upon display
#2201 Search functionality - password shown in plaintext
#2198 Hang when changing second folder password strength and required password strength
#2196 API create item fails when Base64 encoding contains "/"
#2192 Encrypted Files Are Stored (Temporary) in Plaintext And Can Be Downloaded Without Authorization
#2191 Bad redirection to login form on password recovery process
#2189 (Google) 2FA Does Not Work With LDAP (Windows / Active Directory)
Newly introduced since 2.1.27.11
Changed licensing to GNU GPL-3.0
New - User must provide a reason to access a restricted item
New - Add option to have local and remote accounts when LDAP is enabled
Improved security of password generator with php7
Improved cannot edit user without email
Improved read-only user limitation to copy folder and import action
Improved tree rebuild with API on folders change
Improved tables primary and index usage
Improved LDAP new user by default role
Improved visibility of path in items list result
Improved email body with item path
Introduced an API key by user
Fix for API keys truncated
Fix offline password dispay in case of html tags similar in password
Fix failed folder creation in case of password complexity not reached
Fix missing quick icons in search results
#2175 Apostrophes are not handled correctly in usernames
#2174 Offline mode file bypass read right restrictions
#2172 2FA Reset Link Can Be Abused
#2168 API for adding users is not working
#2167 Info tab is not working if behind a proxy
#2161 Missing backslash in acount name
#2160 Added a test for preventing Folders list not shown
#2154 Personal saltkey is not stored when option enabled
#2153 [{"error":"no_key_provided"} when running backup script on teampass container
#2152 No search result and empty popup appear
#2151 Error in knowledge base that does not show option to swap pages
#2140 Moving subfolder to root level not possible
#2127 Grant access with simple folder copy
#2118 Empty user at Keepass file is not empty after import
#2116 Insufficient password strength when creating Offline Mode
#2115 Fix script backup issue with encryption key
#2111 Add support for login through http header
#2109 restrict login to Group Ldap don't work
#2102 Changed field renewal_period size
#2096 Offline mode decryption fails if too much items exported
#2095 Can't upload files on items - Plupload update
#2094 PHP 7.2: Call to undefined function mcrypt_encrypt()
#2093 role human resources doesn't access expected pages
#2090 On folder copy, an empty message box is shown
#2087 Custom fields displayed if empty
#2085 CSV import error if URL too long
#2082 API: new folder is allocated to same roles as its parent
#2081 LDAP bug, can't check connection
#2080 Email sent on password copy in the clipboard
#2078 Purge Logs not selection not working properly
#2077 API: Deleting non existing folder deletes all folders
#2075 Button "delete selected Items" doesn't work
#2074 Backup by script not working
#2073 Move selected Items button
#2071 Search not working for items with multiple "Restricted to:" roles selected
#2069 Copy a read-only folder to a read-only folder
#2066 Read Only Users can Drag and drop items to there personal folder
#2065 send GAUTH-code on login form doesn't warn user if no email is set
#2064 LDAP and DUO users with administrator role taken to items page then logged out
#2063 Setting "Hide forgot password link on Home page" not correctly displayed
#2059 Fix for Custom LDAP port and adLDAP
#2035 After first time login as user Personal Folder is not correctly shown (100000)
#2015 Double click to edit not working for items created by a different user