Name | Modified | Size | Downloads / Week |
---|---|---|---|
Parent folder | |||
3.1.2 source code.tar.gz | 2024-10-04 | 44.5 MB | |
3.1.2 source code.zip | 2024-10-04 | 49.0 MB | |
README.md | 2024-10-04 | 12.0 kB | |
Totals: 3 Items | 93.5 MB | 0 |
What's Changed
- Fix copy password log. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4293
- Add css/js script version to avoid cache issues on upgrade. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4286
- Avoid bypass maximum_session_expiration_time parameter. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4285
- Trim values to avoid break json. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4282
- BUGFIX - Cast all fields on API createUserJWT function call. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4280
- Sanitize import priv/pub keys field. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4268
- BUGFIX - Improve folder permissions. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4262
- BUGFIX - Fix user personnal folder creation. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4257
- Fix for broken JSON response when ldap group id is binary by @simonpoess in https://github.com/nilsteampassnet/TeamPass/pull/4185
- SEC - Remove generateBugReport for non admin users by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4206
- Remove space in .scrutinizer.yml filename by @rokx in https://github.com/nilsteampassnet/TeamPass/pull/4220
- BUGFIX - Add short timeout to fsocksopen and use host/port of duo API. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4222
- BUGFIX - Fix blank pages. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4223
- BUGFIX - Fix multiple issues on login page by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4228
- BUGFIX - Correct issues in delete items in list by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4230
- BUGFIX - Avoid break tp.config.php file with single quote in parameter value. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4231
- BUGFIX - Redirect on item view after authentication if an unauthenticated user opened direct link. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4234
- Add username, mail and url next to description in item view. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4235
- SEC - Correct LFI. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4236
- SEC - Use session user id instead of user input to download or reset user keys by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4237
- SEC - Correct multiple XSS by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4238
- SEC - Correct bypass upload filters vulnerability. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4239
- SEC - Correct wrong access control by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4240
- BUGFIX - Don't close item view when using copy item link. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4254
- BUGFIX - Correct email formatting by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4255
- BUGFIX - Upgrade process improvement and speedup by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4256
- UI - Improve items page UX to see tree/items list and items details simultaneously. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4273
- BUGFIX - Fixing email content wrongly escaped and broken on mail client by @lucasfoussier in https://github.com/nilsteampassnet/TeamPass/pull/4304
- BUGFIX - Escaping email inner content only when necessary by @lucasfoussier in https://github.com/nilsteampassnet/TeamPass/pull/4309
- Sanitize import priv/pub keys field. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4321
- Delete by id instead of key to gain reliability. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4322
- Highlight selected/favorites items and reverse default limited-search value by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4325
- Automatically detect ldap password change by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4323
- Update oauth.php by @kcbieng in https://github.com/nilsteampassnet/TeamPass/pull/4329
- Update AzureAuthController.php and ActiveDirectoryExtra.php by @kcbieng in https://github.com/nilsteampassnet/TeamPass/pull/4327
- Completes the implementation of the nb_items_by_query parameter. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4330
- Fix error with wrong variable name on item creation. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4333
- Fix issues on folders. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4334
- Add support of generic OAuth2 provider in addition to MS Azure, auto-login and fix security issue. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4332
- Fix cache error on folder creation. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4335
- Add strong default password length for generation. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4336
- Fix favorites remove issue. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4338
- Auto select jstree folder on path elems click. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4339
- Fix copy password with html encoding. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4340
- Revert unresolved merge conflict from [c79627] and unused install1 folder by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4347
- Completes the implementation of the encryptClientServer parameter . by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4337
- Speedup keepass import by adding batch processing and sql transactions. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4342
- Speedup copy/delete folder and copy item actions. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4343
- Revert from [9a5708] by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4348
- Fix invisible new created folder in personal space and avoid double jstree selection on creation. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4344
- Add access grant check on backend side. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4346
- Add support of PWA (full screen app) with Window Controls Overlay. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4277
- Remove tp config by @nilsteampassnet in https://github.com/nilsteampassnet/TeamPass/pull/4349
- Speedup populateItemsTable_CreatedAt execution. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4353
- Fix for local accounts when oauth2 is disabled. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4354
- Add setting for build_cache_tree task batch. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4355
- Vulnerability log injection by @nilsteampassnet in https://github.com/nilsteampassnet/TeamPass/pull/4359
- Fix pwd issues by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4360
- Vulnerability creating admin user with a normal account by @nilsteampassnet in https://github.com/nilsteampassnet/TeamPass/pull/4363
- Fixing a vulnerability where a standard user could disable any user by @nilsteampassnet in https://github.com/nilsteampassnet/TeamPass/pull/4367
- Hide duo secret key. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4369
- Fixing vulnerability with clear password in email log by @nilsteampassnet in https://github.com/nilsteampassnet/TeamPass/pull/4371
- Replace tp.config.php by ConfigManager and remove obsoletes functions. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4372
- Vulnerability using API authorization with SQL Injection by @nilsteampassnet in https://github.com/nilsteampassnet/TeamPass/pull/4373
- Profile fixes by @evertton in https://github.com/nilsteampassnet/TeamPass/pull/4377
- Fix config issues. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4385
- Fix search input background color [#4374] by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4384
- Fix users encoding [#4316] by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4383
- Code review fixes by @nilsteampassnet in https://github.com/nilsteampassnet/TeamPass/pull/4379
- Fix for encryptClientServer input field by @nilsteampassnet in https://github.com/nilsteampassnet/TeamPass/pull/4387
- Add minor version on static scripts. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4389
- Fix issue with PWA on subpaths. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4390
- Add email field to admin account setup [#4382] by @evertton in https://github.com/nilsteampassnet/TeamPass/pull/4388
- Fix SQL injection on store_user_changes. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4395
- Fix user confidential infos leak. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4394
- Fix applicative privilege escalation. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4397
- Vulnerability during install by @nilsteampassnet in https://github.com/nilsteampassnet/TeamPass/pull/4392
- Fix settings last modification. by @corentin-soriano in https://github.com/nilsteampassnet/TeamPass/pull/4393
Vulnerabilities fixed
- SQL Injection (Pre-Authentication) - CVE-2024-48269
- Code Injection - CVE-2024-53511
- Password in Cleartext on Client Side - CVE-2024-48266
- Stored Cross-Site Scripting (XSS) - CVE-2024-48265
- Broken Access Control - Log Injection - CVE-2024-48268
- Broken Access Control - Admin User Creation (Privesc) - CVE-2024-53512
- Broken Access Control - Arbitrary User Disabling - CVE-2024-48262
- Password in Cleartext in Database - CVE-2024-53510
New Contributors
- @corentin-soriano made their first contribution in https://github.com/nilsteampassnet/TeamPass/pull/4293
- @simonpoess made their first contribution in https://github.com/nilsteampassnet/TeamPass/pull/4185
- @rokx made their first contribution in https://github.com/nilsteampassnet/TeamPass/pull/4220
- @lucasfoussier made their first contribution in https://github.com/nilsteampassnet/TeamPass/pull/4304
- @kcbieng made their first contribution in https://github.com/nilsteampassnet/TeamPass/pull/4329
- @evertton made their first contribution in https://github.com/nilsteampassnet/TeamPass/pull/4377
Full Changelog: https://github.com/nilsteampassnet/TeamPass/compare/3.1.1...3.1.2
Important
- Requires at least
PHP 8.1
- New password library implemented, read about impacts
Languages
Please join Teampass v3 translation project on Poeditor and translate it for your language.
Installation
Follow instructions from Documentation.
Upgrade
Follow instructions from Documentation.
Ideas and comments
Are welcome ... please use Discussions.