API

Version 1.9.1 - 19th september 2022

[Bugfix]

  • [LOCKFILES] Bugfix in personnal file rename
  • [MANAGEMENT] Bugfix in user report

 

Version 1.9.0 - 12th september 2022

[New feature]

  • [LOCKPASS / LOCKFILES] You can now download report for a LockPass category or LockFiles folder
  • [MANAGEMENT] You can now import a list of groups

[Improvement]

  • [LOCKFILES] Rename uploaded file by adding (X) at the end if this upload as the same name than an other

 

Version 1.8.1 - 5th september 2022

[Improvement]

  • [LOCKPASS] You can add multiple URL in a credential using "|"

[Bugfix]

  • [LOCKPASS] Bugfix in monitoring usage for some passwords
  • [LOCKFILES] Bugfix when you're trying to move a file from your personal root directory

 

Version 1.8.0 - 25th August 2022

[New feature]

  • [GENERAL] You can now manage SSO configuration if the option is enable

[Bugfix]

  • [LOCKTRANSFER] Bugfix for some transfers reports

 

Version 1.7.1 - 18th August 2022

[New feature]

  • [MANAGEMENT] You can now sort the users
  • [LOCKFILES] Directories are now shown when doing a search
 

Version 1.7.0 - 29th July 2022

[New feature]

  • [GENERAL] Administrators and moderators will receive an email to know which users activate their account
  • [LOCKPASS] You will now receive an email when a category expired

[Improvement]

  • [LOCKPASS] When you monitor usage of a password, you know if the password is use or modify
  • [LOCKTRANSFER] Users are sorted in the deposit boxes

 

Version 1.6.3 - 18th July 2022

[Bugfix]

  • [LOCKTRANSFER] Transfers protected by password can be create without email

 

Version 1.6.2 - 15th July 2022

[Improvement]

  • [GENERAL] You can configure your SMTP connection directly from the application if the option is available for your installation
  • [GENERAL] Autocompletion in the application is improved
  • [MANAGEMENT] Provider users can now be administrator and moderator

[Bugfix]

  • [LOCKTRANSFER] Shared emails are been notified in the reports
  • [LOCKPASS] You cannot modify name of a main category if it already exist
  • [LOCKPASS] You cannot import a category if the expiration date is past

[CVE Corrected]

guzzlehttp/guzzle CVE-2022-29248
CVE-2022-31042
CVE-2022-31043
CVE-2022-31091
CVE-2022-31090
HIGH avd.aquasec.com/nvd/cve-2022-29248
avd.aquasec.com/nvd/cve-2022-31042
avd.aquasec.com/nvd/cve-2022-31043
avd.aquasec.com/nvd/cve-2022-31091
avd.aquasec.com/nvd/cve-2022-31090

 

Version 1.6.1 - 27th June 2022

[Improvement]

  • [LOCKTRANSFER] Improving report for multiples transfers
  • [MANAGEMENT] Improving users report

[Bugfix]

  • [LOCKPASS] Bugfix in category creation by an API user

[CVE Corrected]

libpcre2-16

CVE-2022-1586

CVE-2022-1587

CRITICAL

avd.aquasec.com/nvd/cve-2022-1586

avd.aquasec.com/nvd/cve-2022-1587

 

Version 1.6.0 - 30th May 2022

[New feature]

  • [GENERAL] Applicative logs can be retrieve by syslog for premium customers
  • [GENERAL] When an account is locked after 10 connexion attempt, the administrator will now receive an email

[Bugfix]

  • [MANAGEMENT] Bugfix when you try to delete a group in some case
  • [LOCKFILES] Email is correctly insert in history when a user download a file

 

Version 1.5.2 - 25th Apr 2022

[Improvement]

  • [MANAGEMENT] User report can be get in English
  • [LOCKPASS] A category manager cannot self remove

 

Version 1.5.1 - 3th Apr 2022

[Global]

  • Upgrade MariaDB. Version 10.6.7.

[Improvement]

  • [GENERAL] Category manager can now use autocompletion

[Bugfix]

  • [LOCKPASS] Bugfix in tags when a password is modified
  • [LOCKTRANSFER] Bugfix in large deposit box reports 

[CVE Corrected]

Library Vulnerability ID Severity URL
zlib CVE-2018-25032 High avd.aquasec.com/nvd/cve-2018-25032

 

Version 1.5.0 - 20th Mar 2022

[Improvement]

  • [GENERAL] UPN is now supported
  • [LOCKPASS] You will no longer recover ownership of a password when you change it
  • [LOCKTRANSFER / LOCKFILES] Files size has been added for actions in the history tab

[Bugfix]

  • [GENERAL] Bugfix in user account password change
  • [GENERAL] Timeout bugfix in organization import
  • [LOCKPASS] Simple users can now download file in LockPass, even if they are not owner
  • [LOCKPASS] Bugfix when you delete a lot of passwords at the same time
  • [LOCKPASS] Bugfix in tags search

[CVE Corrected]

Library Vulnerability ID Severity URL
expat CVE-2022-25235 Critical avd.aquasec.com/nvd/cve-2022-25235
  CVE-2022-25236 Critical avd.aquasec.com/nvd/cve-2022-25236
  CVE-2022-25315 Critical avd.aquasec.com/nvd/cve-2022-25315
  CVE-2022-25314 High avd.aquasec.com/nvd/cve-2022-25314
  CVE-2022-25313 Medium avd.aquasec.com/nvd/cve-2022-25313
libblkid CVE-2022-0563 Medium avd.aquasec.com/nvd/cve-2022-0563
libcrypto1.1 CVE-2022-0778 High avd.aquasec.com/nvd/cve-2022-0778
libmount CVE-2022-0563 Medium avd.aquasec.com/nvd/cve-2022-0563
libretls CVE-2022-0778 High avd.aquasec.com/nvd/cve-2022-0778
libssl1.1 CVE-2022-0778 High avd.aquasec.com/nvd/cve-2022-0778
libuuid CVE-2022-0563 Medium avd.aquasec.com/nvd/cve-2022-0563
libxml2 CVE-2022-23308 High avd.aquasec.com/nvd/cve-2022-23308
libxslt CVE-2021-30560 High avd.aquasec.com/nvd/cve-2021-30560
openssl CVE-2022-0778 High avd.aquasec.com/nvd/cve-2022-0778
py3-pillow Critical   avd.aquasec.com/nvd/cve-2022-22817
  Medium   avd.aquasec.com/nvd/cve-2022-24303

 

Version 1.4.3 - 11th Feb 2022

[Global]

  • Upgrade MariaDB. Version 10.6.5.

[Improvement]

  • Category has added in logs for the passwords actions
  • Log has been added when you delete a user
  • Log has been added when you export the logs

[Bugfix]

  • Bugfix on the report generation for LockTransfer
  • Bugfix on the search in LockFiles
  • Bugfix on Firefox import

 

Version 1.4.2 - 24th Jan 2022

[New feature]

  • More informations are loged for the SSO connection

[Improvement]

  • Dashlane's import has been modified with the new one

[CVE Corrected]

 

Version 1.4.1 - 10th Jan 2022

[Improvement]

  • Methods for search and decrypt password has been improved

 

Version 1.4.0 - 06th Jan 2022

[Global]

  • Alpine version has been updated to 3.15.0
  • Nginx version has been updated to 1.21.5
  • The entire configuration of Nginx and PHP-FPM has been optimized.

 

Version 1.3.1 - 17th Nov 2021

[Bugfix]

  • Buttons on the new extension popup has been switched. The first button copy the login. The second copy the password.
  • Switching organisation's administrator.

 

Version 1.3.0 - 16th Nov 2021

[Global]

  • A new license system comes with this version. You can now upsell and crossell directly from your application (if you are migrated on the new mechanism)

[New feature]

  • All imports return a CSV file with errors if the file contains any

[Improvement]

  • System logs has been reviewed to clean them and add some informations

[Bugfix]

  • Tags are been added when you create a password
  • Rework the LastPass import after they has changed they export
  • Bugfix with categories searching for a user who is in the category via a group

 

Version 1.2.1 - 28th Oct 2021

[Improvement]

  • Environment variable APP_DEBUG now add more debug logs (like SMTP or SSO)
  • Application logs has been reviewed to add some informations

 

Version 1.2.0 - 21th Oct 2021

[New feature]

  • You can now delete sub organizations

[Bugfix]

  • Bugfix for Firefox password import
  • Files name are correctly decoded for a search in LockFiles

 

Version 1.1.0 - 13th Oct 2021

[Improvement]

  • You can now retrieve the LockPass categories when you're doing a search

 

Version 1.0.32 - 27th Sep 2021

[Global]

  • Upgrade Nginx. Version 1.21.3
  • Upgrade MariaDB. Version 10.6.4

[Improvement]

  • LockPass requests are now asynchronous
  • The "see more" feature has been improve on all products
  • Switch from password policy id to password policy name in categories import

[Bugfix]

  • Bugfix when a user tried to download a folder in personnal folder
  • Bugfix when a simple user tried to delete a file from a password - Even if he has the right to modify the password
  • When a user move a password in another category, files keep the links

[CVE Corrected]

Status CVE Severity Package CVE Description
Unapproved Medium CVE-2021-33560 libgcrypt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560

Mise à jour