API

Version 1.22.10 - 09th July 2024

[Improvement]

  • [LOCKFILES] Improving folders move

[Bugfix]

  • [LOCKPASS] Bugfix when you tried to download a category report

[CVE]

libcrypto3

CVE-2024-4741

CVE-2024-5535

MEDIUM

https://avd.aquasec.com/nvd/cve-2024-4741

https://avd.aquasec.com/nvd/cve-2024-5535

libssl3

CVE-2024-4741

CVE-2024-5535

MEDIUM

https://avd.aquasec.com/nvd/cve-2024-4741

https://avd.aquasec.com/nvd/cve-2024-5535

openssl

CVE-2024-4741

CVE-2024-5535

MEDIUM

https://avd.aquasec.com/nvd/cve-2024-4741

https://avd.aquasec.com/nvd/cve-2024-5535

 

 

Version 1.22.8 - 26th June 2024

[Improvement]

  • [LOCKPASS] Improving KDBX import

 

Version 1.22.7 - 24th June 2024

[Bugfix]

  • [LOCKPASS] Bugfix when you try to add a category with the same name at the same place

 

Version 1.22.6 - 20th June 2024

[Improvement]

  • [MANAGEMENT] Improving the moderator -> user feature

 

Version 1.22.5 - 19th June 2024

[Bugfix]

  • [LOCKPASS] Bugfix when administrator wanted to download a category report

 

Version 1.22.4 - 17th June 2024

[Improvement]

  • [MFA] Improving MFA enrollment

 

Version 1.22.3 - 12th June 2024

[Bugfix]

  • [API] Bugfix where in some case an API user couldn't create a password

 

Version 1.22.1 - 10th June 2024

[Improvement]

  • [LOCKPASS] Improving categories deletion

 

Version 1.22.0 - 03th June 2024

[New feature]

  • [LOCKPASS] You can now open a SSH connexion directly from LockPass. Accessible only in private cloud.

 

Version 1.21.10 - 24th May 2024

[Bugfix]

  • [LOCKPASS] Bugfix when a category manager want to create a new category
  • [MANAGEMENT] Bugfix when you want to add a user in a group in some cases

 

Version 1.21.6 - 13th May 2024

[New Improvement]

  • [LOCKPASS] Improving LockPass navigation
  • [API DOC] Rewriting some methods

Version 1.21.0 - 07th May 2024

[New feature]

  • [GENERAL] You can now add a MFA token for your standard connection

Version 1.20.25 - 03th May 2024

[Improvement]

  • [IMPORT] You can now import your passwords throught the KDBX format

Version 1.20.24 - 02th May 2024

[Improvement]

  • [LOCKPASS] Optimizing categories navigation

 

Version 1.20.23 - 30th April 2024

[Improvement]

  • [LOCKPASS] You can now get the property of all passwords in a category
  • [DASHBOARD] You can now export inactive users from the dashboard

 

Version 1.20.22 - 25th April 2024

[Improvement]

  • [LOCKPASS] Optimizing categories navigation
  • [EXPORT] Optimizing credentials' global export

 

Version 1.20.21 - 09th April 2024

[CVE]

libcrypto3

libssl3

openssl

CVE-2024-2511 LOW

https://avd.aquasec.com/nvd/cve-2024-2511

 

Version 1.20.20 - 04th April 2024

[Bugfix]

  • [LOCKPASS] Bugfix in categories search

Version 1.20.17 - 28th March 2024

[Improvement]

  • [LOCKFILES] Improving folder move
  • [GENERAL] Account creation with a "+" is now accepted

[Bugfix]

  • [EXPORT] Bugfix encodage for password export

Version 1.20.15 - 25th March 2024

[Improvement]

  • [GENERAL] Improving users' disconnection

[Bugfix]

  • [IMPORT] Bugfix for Edge password import

Version 1.20.15 - 19th March 2024

[CVE]

libexpat CVE-2024-28757 HIGH

https://avd.aquasec.com/nvd/cve-2024-28757



Version 1.20.13 - 14th March 2024

[Bugfix]

  • [LOCKTRANSFER] Bugfix for some deposit boxes where external users cannot saw files

 

Version 1.20.11 - 11th March 2024

[Bugfix]

  • [GENERAL] Bugfix when some users tried to renew there license
     

Version 1.20.10 - 04th March 2024

[Improvement]

  • [INTERCO AD] Improving users deletion

Version 1.20.9 - 19th February 2024

[CVE Corrected]

libxml2 CVE-2024-25062 HIGH

https://avd.aquasec.com/nvd/cve-2024-25062

 

Version 1.20.7 - 09th February 2024

[Improvement]

  • [LOCKPASS] Improving categories users deletion
  • [LOCKFILES] You can now click directly on a folder when you're doing a search
  • [LOCKFILES] Optimizing folder deletion
  • [GENERAL] Moderators can now modify the whitemark

[Bugfix]

  • [LOCKTRANSFER] Bugfix in some deposit box report


Version 1.20.1 - 24th January 2024

[CVE Corrected]

libcrypto3

libssl3

openssl

CVE-2023-6237 MEDIUM

https://avd.aquasec.com/nvd/cve-2023-6237

sqlite-libs CVE-2023-7104 HIGH

https://avd.aquasec.com/nvd/cve-2023-7104

 

Version 1.20.0 - 22th January 2024

[Improvement]

  • [MANAGEMENT] Improving users deletion
  • [MANAGEMENT] Improving users upgrade

[Bugfix]

  • [LOCKPASS] Bugfix for passwords duplication in some cases

 

Version 1.19.0 - 08th January 2024

[Improvement]

  • [GENERAL] You can now have one whitemark per organization

Version 1.18.1 - 03th December 2023

[Bugfix]

  • [MANAGEMENT] Bugfix when you tried to create an API user with an expiration date

Version 1.18.0 - 30th November 2023

[Improvement]

  • [LOCKPASS] Complete rework of the way passwords are shared during AD synchronization

Version 1.17.9 - 13th November 2023

[Improvement]

  • [MANAGEMENT] Improving users deletion
  • [GENERAL] Improving errors messages for the SSO connection
  • [LOCKPASS] Improving large passwords export 

Version 1.17.8 - 6th November 2023

[Bugfix]

  • [MANAGEMENT] Bugfix when you try to resend validation link from the Management page where the user in some case doesnt receive the email.

[CVE Corrected]

stdlib

CVE-2023-24540

CVE-2023-44487

CVE-2023-39325

CVE-2023-29403

CVE-2023-29400

CVE-2023-24539

CVE-2023-39319

CVE-2023-39318

CVE-2023-29409

CVE-2023-29406

CRITICAL

https://nvd.nist.gov/vuln/detail/CVE-2023-24540

https://nvd.nist.gov/vuln/detail/CVE-2023-44487

https://nvd.nist.gov/vuln/detail/CVE-2023-39325

https://nvd.nist.gov/vuln/detail/CVE-2023-29403

https://nvd.nist.gov/vuln/detail/CVE-2023-29400

https://nvd.nist.gov/vuln/detail/CVE-2023-24539

https://nvd.nist.gov/vuln/detail/CVE-2023-39319

https://nvd.nist.gov/vuln/detail/CVE-2023-39318

https://nvd.nist.gov/vuln/detail/CVE-2023-29409

https://nvd.nist.gov/vuln/detail/CVE-2023-29406

golang.org/x/net

CVE-2023-39325

CVE-2023-44487

CVE-2023-3978⁠

HIGH

https://nvd.nist.gov/vuln/detail/CVE-2023-39325

https://nvd.nist.gov/vuln/detail/CVE-2023-44487

https://nvd.nist.gov/vuln/detail/CVE-2023-3978

google.golang.org/grpc CVE-2023-44487 MEDIUM

https://nvd.nist.gov/vuln/detail/CVE-2023-44487

 

Version 1.17.7 - 30th October 2023

[Improvement]

  • [LOCKFILES] Optimizing folder move

[CVE Corrected]

libcrypto3

libssl3

openssl

CVE-2023-5363 MEDIUM

https://avd.aquasec.com/nvd/cve-2023-5363

 

Version 1.17.6 - 24th October 2023

[Improvement]

  • [LOCKTRANSFER] Optimizing performance
  • [GENERAL] Optimizing personal export
     

Version 1.17.5 - 23th October 2023

[Bugfix]

  • [MANAGEMENT] Fixed a bug that in certain cases the passage of a moderating user was not possible

Version 1.17.4 - 17th October 2023

[Improvement]

  • [LOCKTRANSFER/LOCKFILES] Optimizing performance
  • [MANAGEMENT] Optimizing performance when promote a user to moderator and demote a moderator
  • [MANAGEMENT] Optimizing performance when delete user
  • [GENERAL] SMTP configuration has been improved

[CVE Corrected]

curl

CVE-2023-38545

CVE-2023-38546

HIGH

https://avd.aquasec.com/nvd/cve-2023-38545

https://avd.aquasec.com/nvd/cve-2023-38546

libcurl

CVE-2023-38545

CVE-2023-38546

HIGH

https://avd.aquasec.com/nvd/cve-2023-38545

https://avd.aquasec.com/nvd/cve-2023-38546

nghttp2-libs CVE-2023-44487 HIGH

https://avd.aquasec.com/nvd/cve-2023-44487

 

Version 1.17.3 - 4th October 2023

[Improvement]

  • [DASHBOARD] Optimizing SQL requests
  • [LOCKTRANSFER/LOCKFILES] Optimizing performances
  • [HISTORY] Getting logs has been optimized

 

Version 1.17.2 - 23th September 2023

[CVE Corrected]

curl CVE-2023-38039 HIGH

https://avd.aquasec.com/nvd/cve-2023-38039

libcurl CVE-2023-38039 HIGH

https://avd.aquasec.com/nvd/cve-2023-38039

libwebp CVE-2023-4863 HIGH

https://avd.aquasec.com/nvd/cve-2023-4863


 

Version 1.17.1 - 11th September 2023

[Improvement]

  • [DASHBOARD] Optimizing some resources
  • [GENERAL] Improving API documentation

 

Version 1.17.0 - 31th August 2023

[New feature]

  • [GENERAL] Validation pages has been totally reworked
  • [LOCKFILES] You can now move a folder

[Improvement]

  • [GENERAL] Improving PIN bruteforce
  • [LOCKPASS] Optimizing personal export
  • [LOCKPASS] Optimizing shared export

 

Version 1.16.0 - 17th July 2023

[New feature]

  • [GENERAL] Adding Dashboard

[Improvement]

  • [GENERAL] Adding CSP on the Nginx configuration
  • [LOCKTRANSFER] Improving report
  • [LOGS] Adding a specific type of log "Moving" when you move a credential

[CVE Corrected]

libcrypto3

libssl3

openssl

CVE-2023-2975 LOW

https://avd.aquasec.com/nvd/cve-2023-2975

 

Version 1.15.2 - 27th June 2023

[Improvement]

  • [GENERAL] Update some Symfony packages
  • [GENERAL] Improving forgot password
  • [GENERAL] Improving API documentation
  • [LOCKFILES] Improving download of big folders

[CVE Corrected]

libjpeg-turbo CVE-2023-2804 MEDIUM https://avd.aquasec.com/nvd/cve-2023-2804

 

Version 1.15.0 - 31th May 2023

[Improvement]

  • [GENERAL] API documentation has been reworked

[Bugfix]

  • [GENERAL] Forgot password is now working with special character in the email
  • [LOCKPASS] Bugfix in favorite categories
  • [LOCKPASS] Bugfix in Keeper import
  • [LOCKPASS] Bugfix in search by tag

[CVE Corrected]

curl

CVE-2023-28319

CVE-2023-28321

CVE-2023-28322

CVE-2023-28320

MEDIUM

https://avd.aquasec.com/nvd/cve-2023-28319

https://avd.aquasec.com/nvd/cve-2023-28321

https://avd.aquasec.com/nvd/cve-2023-28322

https://avd.aquasec.com/nvd/cve-2023-28320

libcrypto3 CVE-2023-2650 MEDIUM

https://avd.aquasec.com/nvd/cve-2023-2650

libcurl

CVE-2023-28319

CVE-2023-28321

CVE-2023-28322

CVE-2023-28320

MEDIUM

https://avd.aquasec.com/nvd/cve-2023-28319

https://avd.aquasec.com/nvd/cve-2023-28321

https://avd.aquasec.com/nvd/cve-2023-28322

https://avd.aquasec.com/nvd/cve-2023-28320

libssl3 CVE-2023-2650 MEDIUM

https://avd.aquasec.com/nvd/cve-2023-2650

libwebp CVE-2023-1999 HIGH

https://avd.aquasec.com/nvd/cve-2023-1999

ncurses-libs CVE-2023-29491 HIGH

https://avd.aquasec.com/nvd/cve-2023-29491

openssl CVE-2023-2650 MEDIUM https://avd.aquasec.com/nvd/cve-2023-2650
       

 

Version 1.14.3 - 09th May 2023

[Bugfix]

  • [LOCKPASS] Bugfix in password strenght

 

Version 1.14.2 - 25th April 2023

[CVE Corrected]

libcrypto3

libssl3

openssl

CVE-2023-1255 MEDIUM

https://avd.aquasec.com/nvd/cve-2023-1255

guzzlehttp/psr7 CVE-2023-29197 MEDIUM

https://avd.aquasec.com/nvd/cve-2023-29197


[Bugfix]

  • [GENERAL] Bugfix in organization import

 

Version 1.14.1 - 12th April 2023

[CVE Corrected]

libxml2

CVE-2023-28484

CVE-2023-29469

MEDIUM

https://avd.aquasec.com/nvd/cve-2023-28484

https://avd.aquasec.com/nvd/cve-2023-29469

 

Version 1.14.0 - 27th March 2023

[New feature]

  • [GENERAL] Administrators can now export users list

[Improvement]

  • [LOCKPASS] Optimizing tag's search

[Bugfix]

  • [LOCKFILES] Bugfix when you want to move a file in personal folder
  • [LOCKFILES] Bugfix in personnal options inheritance

[CVE Corrected]

curl

CVE-2023-27535

CVE-2023-27533

CVE-2023-27534

CVE-2023-27536

CVE-2023-27537

CVE-2023-27538

 MEDIUM

https://avd.aquasec.com/nvd/cve-2023-27535

https://avd.aquasec.com/nvd/cve-2023-27533

https://avd.aquasec.com/nvd/cve-2023-27534

https://avd.aquasec.com/nvd/cve-2023-27536

https://avd.aquasec.com/nvd/cve-2023-27537

https://avd.aquasec.com/nvd/cve-2023-27538

libcrypto3 CVE-2023-0464 MEDIUM

https://avd.aquasec.com/nvd/cve-2023-0464

libcurl

CVE-2023-27535

CVE-2023-27533

CVE-2023-27534

CVE-2023-27536

CVE-2023-27537

CVE-2023-27538

LOW

https://avd.aquasec.com/nvd/cve-2023-27535

https://avd.aquasec.com/nvd/cve-2023-27533

https://avd.aquasec.com/nvd/cve-2023-27534

https://avd.aquasec.com/nvd/cve-2023-27536

https://avd.aquasec.com/nvd/cve-2023-27537

https://avd.aquasec.com/nvd/cve-2023-27538

libssl3 CVE-2023-0464 MEDIUM

https://avd.aquasec.com/nvd/cve-2023-0464

tiff CVE-2022-3970 HIGH

https://avd.aquasec.com/nvd/cve-2022-3970

CairoSVG CVE-2023-27586 CRITICAL

https://avd.aquasec.com/nvd/cve-2023-27586

knplabs/knp-snappy CVE-2023-28115 CRITICAL https://avd.aquasec.com/nvd/cve-2023-28115
       

 

Version 1.13.6 - 01 March 2023

[CVE Corrected]

api-platform/core CVE-2023-25575 HIGH

https://avd.aquasec.com/nvd/cve-2023-25575

 

Version 1.13.5 - 27th February 2023

[Bugfix]

  • [LOCKPASS] Bugfix on password monitor usage
  • [WHITEMARK] Updating banner is working now
     

Version 1.13.4 - 21th February 2023

[Bugfix]

  • [EMAIL] Bugfix on customers banner

[CVE Corrected]

curl

CVE-2023-23916

CVE-2023-23914

CVE-2023-23915

MEDIUM

https://avd.aquasec.com/nvd/cve-2023-23916

https://avd.aquasec.com/nvd/cve-2023-23914

https://avd.aquasec.com/nvd/cve-2023-23915

libcurl

CVE-2023-23916

CVE-2023-23914

CVE-2023-23915

MEDIUM

https://avd.aquasec.com/nvd/cve-2023-23916

https://avd.aquasec.com/nvd/cve-2023-23914

https://avd.aquasec.com/nvd/cve-2023-23915

tar CVE-2022-48303 HIGH

https://avd.aquasec.com/nvd/cve-2022-48303

 

Version 1.13.3 - 11th February 2023

[Improvement]

  • [LOCKPASS] You cannot create two categories with the same name on your personnal categories

[Bugfix]

  • [IMPORT] Bugfix in users import
  • [LOCKFILES] Bugfix when you want to download a large number of files
  • [MANAGEMENT] Bugfix on some users report
  • [EXPORT] Passwords global export can now be opened by every zip tools

[CVE Corrected]

  • Some security fixes
gnutls CVE-2023-0361 UNKNOWN https://avd.aquasec.com/nvd/cve-2023-0361
libcrypto3

CVE-2023-0286

CVE-2022-4203

CVE-2022-4304

CVE-2022-4450

CVE-2023-0215

CVE-2023-0216

CVE-2023-0217

CVE-2023-0401

HIGH

https://avd.aquasec.com/nvd/cve-2023-0286

https://avd.aquasec.com/nvd/cve-2022-4203

https://avd.aquasec.com/nvd/cve-2022-4304

https://avd.aquasec.com/nvd/cve-2022-4450

https://avd.aquasec.com/nvd/cve-2023-0215

https://avd.aquasec.com/nvd/cve-2023-0216

https://avd.aquasec.com/nvd/cve-2023-0217

https://avd.aquasec.com/nvd/cve-2023-0401

libssl3

CVE-2023-0286

CVE-2022-4203

CVE-2022-4304

CVE-2022-4450

CVE-2023-0215

CVE-2023-0216

CVE-2023-0217

CVE-2023-0401

HIGH

https://avd.aquasec.com/nvd/cve-2023-0286

https://avd.aquasec.com/nvd/cve-2022-4203

https://avd.aquasec.com/nvd/cve-2022-4304

https://avd.aquasec.com/nvd/cve-2022-4450

https://avd.aquasec.com/nvd/cve-2023-0215

https://avd.aquasec.com/nvd/cve-2023-0216

https://avd.aquasec.com/nvd/cve-2023-0217

https://avd.aquasec.com/nvd/cve-2023-0401

openssl

CVE-2023-0286

CVE-2022-4203

CVE-2022-4304

CVE-2022-4450

CVE-2023-0215

CVE-2023-0216

CVE-2023-0217

CVE-2023-0401

HIGH

https://avd.aquasec.com/nvd/cve-2023-0286

https://avd.aquasec.com/nvd/cve-2022-4203

https://avd.aquasec.com/nvd/cve-2022-4304

https://avd.aquasec.com/nvd/cve-2022-4450

https://avd.aquasec.com/nvd/cve-2023-0215

https://avd.aquasec.com/nvd/cve-2023-0216

https://avd.aquasec.com/nvd/cve-2023-0217

https://avd.aquasec.com/nvd/cve-2023-0401

symfony/http-kernel CVE-2022-24894 MEDIUM https://avd.aquasec.com/nvd/cve-2022-24894
symfony/security-bundle CVE-2022-24895 LOW https://avd.aquasec.com/nvd/cve-2022-24895

 

Version 1.13.2 - 3rd February 2023

[Bugfix]

  • [LOCKFILES] Groups appears correctly on the folders
  • [GENERAL] Bugfix for self signed SMTP

 

Version 1.13.1 - 26th January 2023

[Improvement]

  • [MANAGEMENT] Improving global export
  • [LOCKPASS] Improving Dashlane import

[CVE Corrected]

pkgconf CVE-2023-24056 UNKNOWN

https://avd.aquasec.com/nvd/cve-2023-24056

cakephp/database

CVE-2023-22727

CRITICAL

https://avd.aquasec.com/nvd/cve-2023-22727

 

Version 1.13.0 - 16th January 2023

[New feature]

  • [GENERAL] Updating PHP to PHP8.2
  • [GENERAL] Updating Symfony to Symfony 5.4
  • [GENERAL] Updating Nginx to Nginx to Nginx 1.23.3

 

Version 1.12.0 - 05th January 2023

[New feature]

  • [LOCKPASS] You can now export all the shared passwords with associate files in a ZIP

 

Version 1.11.0 - 26th December 2022

Technical version

 

Version 1.10.9 - 12th December 2022

[CVE Corrected]

python3 CVE-2022-37454 CRITICAL

https://avd.aquasec.com/nvd/cve-2022-37454

python3

CVE-2022-42919

CVE-2022-45061

HIGH

https://avd.aquasec.com/nvd/cve-2022-45061

https://avd.aquasec.com/nvd/cve-2022-42919

 

Version 1.10.8 - 6th December 2022

[Bugfix]

  • [LOCKPASS] Bugfix for categories creation in some cases

Version 1.10.7 - 29th November 2022

[Improvement]

  • [LOCKPASS] Optimizing auto detection for the browser extension

 

Version 1.10.6 - 24th November 2022

[Improvement]

  • [LOCKPASS - TECH ONLY] Improving categories entity migration

 

Version 1.10.5 - 21th November 2022

[Improvement]

  • [LOCKPASS - TECH ONLY] Migration of categories entity

 

Version 1.10.4 - 16th November 2022

[Improvement]

  • [LOCKPASS] Improving Lastpass import 

[CVE Corrected]

pixman CVE-2022-44638 HIGH https://avd.aquasec.com/nvd/cve-2022-44638

 

Version 1.10.3 - 28th October 2022

[Improvement]

  • [LOCKTRANSFER] Managing language translations on external pages in iOS / Android

[CVE Corrected]

curl

CVE-2022-32221

CVE-2022-42916

CVE-2022-42915

MEDIUM

https://avd.aquasec.com/nvd/cve-2022-32221

https://avd.aquasec.com/nvd/cve-2022-42915

https://avd.aquasec.com/nvd/cve-2022-42916

dbus-libs

CVE-2022-42010

CVE-2022-42011

CVE-2022-42012

MEDIUM

https://avd.aquasec.com/nvd/cve-2022-42010

https://avd.aquasec.com/nvd/cve-2022-42011

https://avd.aquasec.com/nvd/cve-2022-42012

expat

CVE-2022-40674

CVE-2022-43680

CRITICAL

https://avd.aquasec.com/nvd/cve-2022-40674

https://avd.aquasec.com/nvd/cve-2022-43680

libcurl

CVE-2022-32221

CVE-2022-42915

CVE-2022-42916

MEDIUM

https://avd.aquasec.com/nvd/cve-2022-32221

https://avd.aquasec.com/nvd/cve-2022-42915

https://avd.aquasec.com/nvd/cve-2022-42916

libxml2

CVE-2022-40303

CVE-2022-40304

HIGH

https://avd.aquasec.com/nvd/cve-2022-40303

https://avd.aquasec.com/nvd/cve-2022-40304

twig/twig CVE-2022-39261 HIGH https://avd.aquasec.com/nvd/cve-2022-39261

 

Version 1.10.2 - 24th October 2022

Technical version

 

Version 1.10.1 - 20th October 2022

Technical version

 

Version 1.10.0 - 17th October 2022

[New feature]

  • [LOCKPASS] You now have an option on the categories to allow passwords deletion

[Improvement]

  • [HISTORY] You can now export logs for a given duration
  • [GENERAL] Improving file upload time
  • [LOCKTRANSFER] You can now compartmentalize or decompartmentalize an existing deposit box
     

Version 1.9.1 - 19th september 2022

[Bugfix]

  • [LOCKFILES] Bugfix in personnal file rename
  • [MANAGEMENT] Bugfix in user report

 

Version 1.9.0 - 12th september 2022

[New feature]

  • [LOCKPASS / LOCKFILES] You can now download report for a LockPass category or LockFiles folder
  • [MANAGEMENT] You can now import a list of groups

[Improvement]

  • [LOCKFILES] Rename uploaded file by adding (X) at the end if this upload as the same name than an other

 

Version 1.8.1 - 5th september 2022

[Improvement]

  • [LOCKPASS] You can add multiple URL in a credential using "|"

[Bugfix]

  • [LOCKPASS] Bugfix in monitoring usage for some passwords
  • [LOCKFILES] Bugfix when you're trying to move a file from your personal root directory

 

Version 1.8.0 - 25th August 2022

[New feature]

  • [GENERAL] You can now manage SSO configuration if the option is enable

[Bugfix]

  • [LOCKTRANSFER] Bugfix for some transfers reports

 

Version 1.7.1 - 18th August 2022

[New feature]

  • [MANAGEMENT] You can now sort the users
  • [LOCKFILES] Directories are now shown when doing a search
 

Version 1.7.0 - 29th July 2022

[New feature]

  • [GENERAL] Administrators and moderators will receive an email to know which users activate their account
  • [LOCKPASS] You will now receive an email when a category expired

[Improvement]

  • [LOCKPASS] When you monitor usage of a password, you know if the password is use or modify
  • [LOCKTRANSFER] Users are sorted in the deposit boxes

 

Version 1.6.3 - 18th July 2022

[Bugfix]

  • [LOCKTRANSFER] Transfers protected by password can be create without email

 

Version 1.6.2 - 15th July 2022

[Improvement]

  • [GENERAL] You can configure your SMTP connection directly from the application if the option is available for your installation
  • [GENERAL] Autocompletion in the application is improved
  • [MANAGEMENT] Provider users can now be administrator and moderator

[Bugfix]

  • [LOCKTRANSFER] Shared emails are been notified in the reports
  • [LOCKPASS] You cannot modify name of a main category if it already exist
  • [LOCKPASS] You cannot import a category if the expiration date is past

[CVE Corrected]

guzzlehttp/guzzle CVE-2022-29248
CVE-2022-31042
CVE-2022-31043
CVE-2022-31091
CVE-2022-31090
HIGH avd.aquasec.com/nvd/cve-2022-29248
avd.aquasec.com/nvd/cve-2022-31042
avd.aquasec.com/nvd/cve-2022-31043
avd.aquasec.com/nvd/cve-2022-31091
avd.aquasec.com/nvd/cve-2022-31090

 

Version 1.6.1 - 27th June 2022

[Improvement]

  • [LOCKTRANSFER] Improving report for multiples transfers
  • [MANAGEMENT] Improving users report

[Bugfix]

  • [LOCKPASS] Bugfix in category creation by an API user

[CVE Corrected]

libpcre2-16

CVE-2022-1586

CVE-2022-1587

CRITICAL

avd.aquasec.com/nvd/cve-2022-1586

avd.aquasec.com/nvd/cve-2022-1587

 

Version 1.6.0 - 30th May 2022

[New feature]

  • [GENERAL] Applicative logs can be retrieve by syslog for premium customers
  • [GENERAL] When an account is locked after 10 connexion attempt, the administrator will now receive an email

[Bugfix]

  • [MANAGEMENT] Bugfix when you try to delete a group in some case
  • [LOCKFILES] Email is correctly insert in history when a user download a file

 

Version 1.5.2 - 25th Apr 2022

[Improvement]

  • [MANAGEMENT] User report can be get in English
  • [LOCKPASS] A category manager cannot self remove

 

Version 1.5.1 - 3th Apr 2022

[Global]

  • Upgrade MariaDB. Version 10.6.7.

[Improvement]

  • [GENERAL] Category manager can now use autocompletion

[Bugfix]

  • [LOCKPASS] Bugfix in tags when a password is modified
  • [LOCKTRANSFER] Bugfix in large deposit box reports 

[CVE Corrected]

Library Vulnerability ID Severity URL
zlib CVE-2018-25032 High avd.aquasec.com/nvd/cve-2018-25032

 

Version 1.5.0 - 20th Mar 2022

[Improvement]

  • [GENERAL] UPN is now supported
  • [LOCKPASS] You will no longer recover ownership of a password when you change it
  • [LOCKTRANSFER / LOCKFILES] Files size has been added for actions in the history tab

[Bugfix]

  • [GENERAL] Bugfix in user account password change
  • [GENERAL] Timeout bugfix in organization import
  • [LOCKPASS] Simple users can now download file in LockPass, even if they are not owner
  • [LOCKPASS] Bugfix when you delete a lot of passwords at the same time
  • [LOCKPASS] Bugfix in tags search

[CVE Corrected]

Library Vulnerability ID Severity URL
expat CVE-2022-25235 Critical avd.aquasec.com/nvd/cve-2022-25235
  CVE-2022-25236 Critical avd.aquasec.com/nvd/cve-2022-25236
  CVE-2022-25315 Critical avd.aquasec.com/nvd/cve-2022-25315
  CVE-2022-25314 High avd.aquasec.com/nvd/cve-2022-25314
  CVE-2022-25313 Medium avd.aquasec.com/nvd/cve-2022-25313
libblkid CVE-2022-0563 Medium avd.aquasec.com/nvd/cve-2022-0563
libcrypto1.1 CVE-2022-0778 High avd.aquasec.com/nvd/cve-2022-0778
libmount CVE-2022-0563 Medium avd.aquasec.com/nvd/cve-2022-0563
libretls CVE-2022-0778 High avd.aquasec.com/nvd/cve-2022-0778
libssl1.1 CVE-2022-0778 High avd.aquasec.com/nvd/cve-2022-0778
libuuid CVE-2022-0563 Medium avd.aquasec.com/nvd/cve-2022-0563
libxml2 CVE-2022-23308 High avd.aquasec.com/nvd/cve-2022-23308
libxslt CVE-2021-30560 High avd.aquasec.com/nvd/cve-2021-30560
openssl CVE-2022-0778 High avd.aquasec.com/nvd/cve-2022-0778
py3-pillow Critical   avd.aquasec.com/nvd/cve-2022-22817
  Medium   avd.aquasec.com/nvd/cve-2022-24303

 

Version 1.4.3 - 11th Feb 2022

[Global]

  • Upgrade MariaDB. Version 10.6.5.

[Improvement]

  • Category has added in logs for the passwords actions
  • Log has been added when you delete a user
  • Log has been added when you export the logs

[Bugfix]

  • Bugfix on the report generation for LockTransfer
  • Bugfix on the search in LockFiles
  • Bugfix on Firefox import

 

Version 1.4.2 - 24th Jan 2022

[New feature]

  • More informations are loged for the SSO connection

[Improvement]

  • Dashlane's import has been modified with the new one

[CVE Corrected]

 

Version 1.4.1 - 10th Jan 2022

[Improvement]

  • Methods for search and decrypt password has been improved

 

Version 1.4.0 - 06th Jan 2022

[Global]

  • Alpine version has been updated to 3.15.0
  • Nginx version has been updated to 1.21.5
  • The entire configuration of Nginx and PHP-FPM has been optimized.

 

Version 1.3.1 - 17th Nov 2021

[Bugfix]

  • Buttons on the new extension popup has been switched. The first button copy the login. The second copy the password.
  • Switching organisation's administrator.

 

Version 1.3.0 - 16th Nov 2021

[Global]

  • A new license system comes with this version. You can now upsell and crossell directly from your application (if you are migrated on the new mechanism)

[New feature]

  • All imports return a CSV file with errors if the file contains any

[Improvement]

  • System logs has been reviewed to clean them and add some informations

[Bugfix]

  • Tags are been added when you create a password
  • Rework the LastPass import after they has changed they export
  • Bugfix with categories searching for a user who is in the category via a group

 

Version 1.2.1 - 28th Oct 2021

[Improvement]

  • Environment variable APP_DEBUG now add more debug logs (like SMTP or SSO)
  • Application logs has been reviewed to add some informations

 

Version 1.2.0 - 21th Oct 2021

[New feature]

  • You can now delete sub organizations

[Bugfix]

  • Bugfix for Firefox password import
  • Files name are correctly decoded for a search in LockFiles

 

Version 1.1.0 - 13th Oct 2021

[Improvement]

  • You can now retrieve the LockPass categories when you're doing a search

 

Version 1.0.32 - 27th Sep 2021

[Global]

  • Upgrade Nginx. Version 1.21.3
  • Upgrade MariaDB. Version 10.6.4

[Improvement]

  • LockPass requests are now asynchronous
  • The "see more" feature has been improve on all products
  • Switch from password policy id to password policy name in categories import

[Bugfix]

  • Bugfix when a user tried to download a folder in personnal folder
  • Bugfix when a simple user tried to delete a file from a password - Even if he has the right to modify the password
  • When a user move a password in another category, files keep the links

[CVE Corrected]

Status CVE Severity Package CVE Description
Unapproved Medium CVE-2021-33560 libgcrypt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560

Mise à jour