Privacyidea

Latest version: v3.10.1

Safety actively analyzes 688634 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 11 of 14

2.13

Not secure
Features
* Allow central definition of SMS gateways
to be used with tokens. 392
* User SMS for User Notificaton Event Handler. 435
* Add PIN change setting for each token. 429
* Force PIN change in web UI. 432

Enhancements
* Performence enhancements
* speed up loading of audit log in web UI.
* avoid double loadin of tokens and audit entries in web UI. 436
* Additional log level (enhanced Debug) to even log passwords in
debug mode.
* Add new logo. 430
* Add quick actions in the token list: reset failcounter,
toggle active. 426
* REST API returns OTP length on successful authentication. 407
* Add intelligent OverrideAuthorizationClient system setting,
that allows defined proxies to reset the client IP. 395

Fixes
* Display token count in web UI. 437
* Use correct default_tokentype in token enrollment. 427
* Fix HOTP resync problems. 412

2.12

Not secure
Features
* Event Handler Framework 360
* local CA connector can enroll certificates
for users. Users can download PKCS12 file. 383
* Add and edit users in LDAP resolvers 372
* Hardware Security Module support via PKCS11
* Time dependent policies 358

Enhancements
* Policy for web UI enrollment wizard 402
* Realm dropdown box at login screen 400
* Apply user policy settings 390
* Improve QR Code for TOTP token enrollment 384
* Add documentation for enrollment wizard 381
* Improve pi-manage backup to use pymysql 375
* Use X-Forwarded-For HTTP header as client IP 356
* Add meta-package privacyidea-mysql 376

Fixes
* Adduser honors resolver setting in policy 403
* Add documentation for SPASS token 399
* Hide enrollment link (WebUI) is user can not enroll 398
* Fix getSerial for TOTP tokens 393
* Fix system config checkboxes 378
* Allow a realm to be remove from a token 363
* Improve the date handling in emails 352
* Sending test emails 350
* Authentication with active token not possible if
the user has a disabled token 339

2.11

Not secure
Features
* RADIUS Servers: Allow central definition of RADIUS servers
* RADIUS passthru policy: Authentication requests for users
with no tokens can be forwarded to a specified RADIUS server

Enhancements
* Allow objectGUID in LDAP-Resolver of Active Directory
* Use paged searches in LDAP. LDAP resolver will find all
users in the LDAP directory.
* Allow privacyIDEA instance name to be configured for
the AUDIT log
* Allow special characters in LDAP loginnames and passwords
* Add arbitrary attributes to SAML Authentication response
* Enhance the handling of YUBICO mode yubikeys with the
YUBICO API. The prefix is handled correctly.
* Allow in get_tokens to be filtered for tokeninfo.
* Add paged search in LDAP resolver. This allows responses
with more than 1000 objects.

Fixes
* Fix SMTP authentication
* Fix Enrollment Wizard for non-default realm users
* Registration process: If an email can not be delivered,
the token is deleted, since it can not be used.

2.10

Not secure
Features
* User Registration: A user may register himself and thus create
his new user account.
* Password Reset: Using a recovery token a user may issue a
password reset without bothering the administrator or the
help desk.
* Enrollment Wizard for easy user token enrollment
* SMTP Servers: Define several system wide SMTP settings and use
these for
* Email token,
* SMTP SMS Provider,
* registration process,
* or password reset.

Enhancements
* Ease the Smartphone App (Google Authenticator) rollout.
Hide otplen, hash, timestep in the UI if a policy is defined.
* Add import of Aladdin/SafeNet XML file.
* Add import of password encrypted PSKC files.
* Add import of key encrypted PSKC files.

Fixes
* Support LDAP passwords with special non-ascii characters.
* Support LDAP BIND with special non-ascii characters.
* Fix problem with encrypted encryption key.
* Fix upgrading DB Schema for postgresql+psycopg2.
* Fix UI displaying of saved SMS Provider.
* Do not start challenge response with a locked/disabled token.

2.9

Not secure
Features
* New token type: Security questions or questionnaire token.
* New token type: Paper token. OTP values printed on a piece of paper.
* Yubico Validation API: The yubikey tokens can authenticate via
/ttype/yubikey which follows the Yubico Validation Protocol.

Enhancements
* Add Web UI view to display the active challenges.
* The issuer for the Google Authenticator app can be configured.
* The LDAP machine resolver uses an LDAP server pool.
* The LDAP user resolver returns a list of mobile numbers.

Fixes
* The test email for the email token now has a sent date.
* Fix problem when using encrypted encryption key.
* Fix upper case problem when logging in to web UI
with REMOTE_USER.
* Fix allow set an empty PIN in the web UI.
* Fix import of token file in Web UI.

2.8

Not secure
Features
* Improve U2F support with trusted facets
* Add Challenge Response and U2F support to SAML
* Add Web UI theming
* Add possibility to use REMOTE_USER for authentication at Web UI
* Fuzzy Authentication: restrict time since last authentication

Enhancements
* Allow mangle policy when fetching ssh keys
* Add realm support to ownCloud plugin
* Support Drupal passwords in SQL resolver
* Add validity period to token enrollment
* Set default enrollment token type in Web UI
* Add scope to LDAP resolver

Fixes
* Fix failcounter reset for challenge response tokens
* Fix confusing DB errors (column exist) during installation
* Fix email token TLS checkbox saving
* Fix TOTP testing in Web UI
* Fix SMS config loading in Web UI

Page 11 of 14

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.