Thread: [Passwordsafe-devel] Announcing PasswordSafe 2.16
Popular easy-to-use and secure password manager
Brought to you by:
ronys
From: Rony S. <ro...@gm...> - 2006-01-27 10:46:11
|
Hi, PasswordSafe 2.16 is available for download. This release fixes some minor problems and adds a couple of minor features. Thanks to DK for his help in this version. New feature for 2.16: ===================== [] When unlocking a locked database, one now has the option of cancelling the unlock as well as exiting the application. Thanks to DK for this. [1414899] - System tray tooltip now reflects the name of the database. Bugs fixed in 2.16: =================== [1403533] Now takes "No" for an answer in delete group confirmation. [1412208] Tab sequence of opening dialog fixed. [1376566, 1393910] Databases written with early 2.x versions of PasswordSafe can now be read correctly. [] Installation kit now adds MFC71.dll if missing. The release may be downloaded from here: https://sourceforge.net/project/showfiles.php?group_id=41019&package_id=3316 9&release_id=388667 or http://tinyurl.com/a485w SHA-1 checksums: 3e9f526e1508cd4c9a6e70f54c3449c73c15615b *pwsafe-2.16.exe e848382b0f3868aac79c3aacb5da013da590c284 *pwsafe-2.16-bin.zip 5113b0ce4d449f78920ff3a00469e9e00dfb9af3 *pwsafe-2.16-src.zip Note that this release also includes PGP/GPG signature files of the respective packages. These were signed with my SourceForge account key, keyid FA175557, key fingerprint = FF77 379D D46D DAA6 6182 B452 1D79 5A91 FA17 5557, available from a PGP keyserver near you (such as http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xFA175557). Enjoy, Rony |
From: Rony S. <ro...@gm...> - 2006-03-08 21:52:06
|
Hi, After quite a lot of work, PasswordSafe 3.0 is ready for its first public release. There are some nice user-visible new features in this version. In addition, the database format has been revised according to best security and cryptographic practices. We feel that this format will be highly attack-resistant for the forseeable future. Aside from DK and Dave Collins, who've contributed code to this release, I'd like to thank the members of the passwordsafe-devel mailing list for many fruitful, challenging and well-spirited discussions on all aspects of the new database format (The format itself is described in the formatv3.txt file in the source distribution.). I'd also like to thank all the users who've patiently reported bugs and suggested new features for this application. NOTES: ====== 1. This is still a BETA release! It should NOT be used as the only tool for storing "real" password information. 2. This release will read databases saved by previous versions of PasswordSafe. When saving a database, make sure that the new database will have the "psafe3" suffix. This will guarantee that your old database is not overwritten. If you do over-write it by mistake, you can export to old formats from this version, with no loss of data. 3. The purpose of this release is to gather feedback on bugs, on the new features, and on other features you wish to see implemented. Please enter feedback via the project's summary page: https://sourceforge.net/tracker/?group_id=41019&atid=429579 for bug reports, https://sourceforge.net/tracker/?group_id=41019&atid=429582 for feature requests. New Features for 3.0Beta1: ========================== [] Entry creation time is now stored. [1393632] URL and Autotype moved from Notes to their own fields. [] System Tray icon now indicated if database is locked or not (Thanks to DK for this cool feature!) [1422761] System Tray menu now has a list of recently used entries - a convenient shortcut to common entries. Thanks to Ork for suggesting this, and to DK for the implementation! [] Add and Edit dialog box now have "simple" and "detailed" modes. Thanks to Dave Collins for implementing this. [731841] Database format is changed to use newer encryption algorithm (Twofish replaces Blowfish). Also, the integrity of the database is now checked. Bugs fixed in 3.0Beta1: ======================= [1384738] Backspace is no longer used instead of dots in the title for the plaintext import/export format. Known Problems: =============== [] No major problems are known in this release. However, it is a FIRST BETA release, and should NOT be used on real databases without backups! [] Online help has not been updated The release may be downloaded from here: https://sourceforge.net/project/showfiles.php?group_id=41019&package_id=1828 88&release_id=399829 or http://tinyurl.com/nqnr5 SHA-1 checksums: eaa08576f5a9b449bc6d20ac1a98db0964dab9b0 *pwsafe-3.0Beta1.exe fb68dca5d2a51546a0a9ace01d13124d10e09828 *pwsafe-3.0Beta1-bin.zip 7c247d8209c04d3e26bfc9040bd6a6442f53fcea *pwsafe-3.0Beta1-src.zip Note that this release also includes PGP/GPG signature files of the respective packages. These were signed with my SourceForge account key, keyid FA175557, key fingerprint = FF77 379D D46D DAA6 6182 B452 1D79 5A91 FA17 5557, available from a PGP keyserver near you (such as http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xFA175557). Enjoy, Rony |
From: Frank P. <fp...@fp...> - 2006-03-09 00:07:25
Attachments:
PWSfileV3.patch
|
On Wed, 08 Mar 2006 16:54:38 -0500, Rony Shapiro <ro...@gm...> wrote: > > After quite a lot of work, PasswordSafe 3.0 is ready for its first public > release. > Congratulations! Good work. How did you decide on the format of text fields: are they now all in UTF-8? Can you please add a note to the formatV3.txt document to that effect? Attached is a small patch to the PWSfileV3::StretchKey() function. In this context, X is a character pointer, and sizeof(X) is 4, which is probably not what you wanted. I am happy to report that Password Gorilla has no problem reading your V3 files (which is all I tested so far). Thanks, Frank -- Frank Pilhofer, fp...@fp... |
From: Rony S. <ro...@gm...> - 2006-03-09 05:09:09
|
Hi Frank, Thanks. You're one of the folks I was thinking of when I thanked the list members for fruitful discussion. The format is indeed UTF-8. The formatv3.txt will be updated, and the patch (thanks again) will be applied. All this after I return from a one-week vacation, during which I will be (gasp!) off-line. Cheers, Rony P.S. - Glad to hear that Password Gorilla eat v3 files for lunch - this means that we did the fomat document all right! > -----Original Message----- > From: Frank Pilhofer [mailto:fp...@fp...] > Sent: Thursday, March 09, 2006 2:07 AM > To: Rony Shapiro > Cc: pas...@li... > Subject: Re: [Passwordsafe-users] Announcing first BETA of > PasswordSafe 3.0 > > On Wed, 08 Mar 2006 16:54:38 -0500, Rony Shapiro > <ro...@gm...> wrote: > > > > After quite a lot of work, PasswordSafe 3.0 is ready for > its first public > > release. > > > > Congratulations! Good work. > > How did you decide on the format of text fields: are they now > all in UTF-8? > Can you please add a note to the formatV3.txt document to that effect? > > Attached is a small patch to the PWSfileV3::StretchKey() > function. In this > context, X is a character pointer, and sizeof(X) is 4, which > is probably > not what you wanted. > > I am happy to report that Password Gorilla has no problem > reading your V3 > files (which is all I tested so far). > > Thanks, > Frank > > -- > Frank Pilhofer, fp...@fp... > |
From: Rony S. <ro...@gm...> - 2006-04-22 15:51:48
|
Hi, This is to announce the second beta release of PasswordSafe 3.0. All of the major problems uncovered in the first beta have been addressed, except a problem with win98SE and ME, which I cannot duplicate. Most importantly, a security implementation flaw on non-XP platforms has been resolved. Bugs fixed in 3.0Beta2: ======================= [1450484] Trialing garbage in tooltip text fixed (thanks to DK). [1462527] Uses a decent PRNG for non-XP platforms, closing key recovery attack vulnerability. [1446183] Export to v2 format now readable by pwsafe v2.x [1463103] Fields in Edit Dialog are wider. [1450486] URLs without a protocol now default to http. [1459326, 1427642] Fixed problems with password prompt (thanks to DK) Known Problems: =============== [1453108] Database problems with Win98SE and ME [] Online help has not been updated NOTES: ====== 1. This is still a BETA release! It should NOT be used as the only tool for storing "real" password information. 2. This release will read databases saved by previous versions of PasswordSafe. When saving a database, make sure that the new database will have the "psafe3" suffix. This will guarantee that your old database is not overwritten. If you do over-write it by mistake, you can export to old formats from this version, with no loss of data. 3. The purpose of this release is to gather feedback on bugs, on the new features, and on other features you wish to see implemented. Please enter feedback via the project's summary page: https://sourceforge.net/tracker/?group_id=41019&atid=429579 for bug reports, https://sourceforge.net/tracker/?group_id=41019&atid=429582 for feature requests. SHA-1 checksums: 4c58af980ee91eeb5d0e27402b11220051dce2b4 *pwsafe-3.0Beta2.exe 9e16dc511f698ec3be9a66ffd26ca0115a28b806 *pwsafe-3.0Beta2-bin.zip 90f1b62a3a931c0db59b6a10e33e4b8bbacb832f *pwsafe-3.0Beta2-src.zip Note that this release also includes PGP/GPG signature files of the respective packages. These were signed with my SourceForge account key, keyid FA175557, key fingerprint = FF77 379D D46D DAA6 6182 B452 1D79 5A91 FA17 5557, available from a PGP keyserver near you (such as http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xFA175557). Enjoy, Rony |