On July 15th we released LinOTP 3.2.1 to the repositories.
LinOTP 3.2.1
netgo software GmbH is pleased to announce the availability of the following product release:
LinOTP 3.2.1 brings fixes. The following list contains the most important changes. Please also refer to the complete changelog at the end of this newsletter.
Highlights:
- Fix audit key verification errors
- Fix migration of QR-tokens from SVA-2.12.5 to SVA-3.0
- Ensure that inactive policies are not evaluated
Download
LinOTP 3.2.1 is available as a Debian package from www.linotp.org.
Users of the LinOTP Smart Virtual Appliance will receive LinOTP 3.2.1 via the integrated auto-update mechanism.
We are happy to assist our support customers in upgrading their environment to the latest release. Please contact us at support@linotp.de
The LinOTP team
--
netgo software GmbH
https://www.linotp.de
Strong MFA solution by
netgo
Branch office Darmstadt, Pallaswiesenstr. 174a, 64293 Darmstadt
Main office, Siemensdamm 62, 13627 Berlin
Registerd Office: Amtsgericht Berlin-Charlottenburg, HRB 243718 B
Board of Directors: Matthias Nietz, Clemens Schmidt, Constantin Wehmschulte
Germany
Sales Hotline: +49 6151 86086-277, Fax: -299
Email: sales@linotp.de
Changelog LinOTP 3.2.1
Fix:
- Audit key verification errors solved by using newer version of pycryptodomex.
- Remove weak file permissions in config dir.
- Solved migration of QR-tokens which broke backup-restore from SVA-2.12.5 to SVA-3.0
- Database re-encoding during database migration now also migrates managed users that were previously not correctly migrated.
- Debian postinst trying to add admin users via htdigest. This is no longer supported and therefore removed. Use the linotp CLI manually instead.
- Ensure that inactive policies are not evaluated. Previously, inactive policies were being evaluated in certain situations, leading to wrongly attributed permissions to logged-in administrators.