From 8f9b82c925a18fbb4b0a5432872be06339d0d14c02cf2bd3cfdb9a5428d8f12f Mon Sep 17 00:00:00 2001 From: Matthias Bach Date: Mon, 5 Jun 2023 19:55:10 +0000 Subject: [PATCH] =?UTF-8?q?-=20Update=20to=202.54=20=20=20*=20Security:=20?= =?UTF-8?q?=20=20=20=20+=20Improved=20process=20memory=20protection=20of?= =?UTF-8?q?=20secure=20edit=20controls=20(CVE-2023-32784,=20boo#1211397).?= =?UTF-8?q?=20=20=20*=20New=20Features:=20=20=20=20=20+=20Triggers,=20glob?= =?UTF-8?q?al=20URL=20overrides,=20password=20generator=20profiles=20and?= =?UTF-8?q?=20a=20few=20more=20settings=20are=20now=20stored=20in=20the=20?= =?UTF-8?q?enforced=20configuration=20file.=20=20=20=20=20+=20Added=20dial?= =?UTF-8?q?og=20'Enforce=20Options=20(All=20Users)'=20(menu=20'Tools'=20?= =?UTF-8?q?=E2=86=92=20'Advanced=20Tools'=20=E2=86=92=20'Enforce=20Options?= =?UTF-8?q?'),=20which=20facilitates=20storing=20certain=20options=20in=20?= =?UTF-8?q?the=20enforced=20configuration=20file.=20=20=20=20=20+=20In=20r?= =?UTF-8?q?eport=20dialogs,=20passwords=20(and=20other=20sensitive=20data)?= =?UTF-8?q?=20are=20now=20hidden=20using=20asterisks=20by=20default=20(if?= =?UTF-8?q?=20hiding=20is=20activated=20in=20the=20main=20window);=20the?= =?UTF-8?q?=20hiding=20can=20be=20toggled=20using=20the=20new=20'***'=20bu?= =?UTF-8?q?tton=20in=20the=20toolbar.=20=20=20=20=20+=20The=20'Print'=20co?= =?UTF-8?q?mmand=20in=20most=20report=20dialogs=20now=20requires=20the=20'?= =?UTF-8?q?Print'=20application=20policy=20flag,=20and=20the=20master=20ke?= =?UTF-8?q?y=20must=20be=20entered=20if=20the=20'Print=20-=20No=20Key=20Re?= =?UTF-8?q?peat'=20application=20policy=20flag=20is=20deactivated.=20=20?= =?UTF-8?q?=20=20=20+=20The=20'Export'=20command=20in=20most=20report=20di?= =?UTF-8?q?alogs=20now=20requires=20the=20'Export'=20application=20policy?= =?UTF-8?q?=20flag,=20and=20the=20master=20key=20must=20be=20entered.=20?= =?UTF-8?q?=20=20=20=20+=20Single=20line=20edit=20dialogs=20now=20support?= =?UTF-8?q?=20hiding=20the=20value=20using=20asterisks.=20=20=20=20=20+=20?= =?UTF-8?q?Commands=20that=20require=20elevation=20now=20have=20a=20shield?= =?UTF-8?q?=20icon=20like=20on=20Windows.=20=20=20=20=20+=20TrlUtil:=20add?= =?UTF-8?q?ed=20'Move=20Selected=20Unused=20Text=20to=20Dialog=20Control'?= =?UTF-8?q?=20command.=20=20=20*=20Improvements:=20=20=20=20=20*=20The=20c?= =?UTF-8?q?ontent=20mode=20of=20the=20configuration=20elements=20'/Configu?= =?UTF-8?q?ration/Application/TriggerSystem',=20'/Configuration/Integratio?= =?UTF-8?q?n/UrlSchemeOverrides'=20and=20'/Configuration/PasswordGenerator?= =?UTF-8?q?/UserProfiles'=20is=20now=20'Replace'=20by=20default.=20=20=20?= =?UTF-8?q?=20=20*=20The=20built-in=20override=20for=20the=20'ssh'=20URI?= =?UTF-8?q?=20scheme=20is=20now=20deactivated=20by=20default=20(it=20can?= =?UTF-8?q?=20be=20activated=20in=20the=20'URL=20Overrides'=20dialog).=20?= =?UTF-8?q?=20=20=20=20*=20When=20opening=20the=20password=20generator=20d?= =?UTF-8?q?ialog=20without=20a=20derived=20profile,=20the=20'(Automaticall?= =?UTF-8?q?y=20generated=20passwords=20for=20new=20entries)'=20profile=20i?= =?UTF-8?q?s=20now=20selected=20by=20default,=20if=20profiles=20are=20enab?= =?UTF-8?q?led=20(otherwise=20the=20default=20profile=20is=20used).=20=20?= =?UTF-8?q?=20=20=20*=20The=20clipboard=20workarounds=20are=20now=20disabl?= =?UTF-8?q?ed=20by=20default=20(they=20are=20not=20needed=20anymore=20on?= =?UTF-8?q?=20most=20systems).=20=20=20=20=20*=20Improved=20clipboard=20cl?= =?UTF-8?q?earing.=20=20=20=20=20*=20Improved=20starting=20of=20an=20eleva?= =?UTF-8?q?ted=20process.=20=20=20*=20Bugfixes:=20=20=20=20=20+=20In=20rep?= =?UTF-8?q?ort=20dialogs,=20the=20'Print'=20and=20'Export'=20commands=20no?= =?UTF-8?q?w=20always=20use=20the=20actual=20data=20(in=20previous=20versi?= =?UTF-8?q?ons,=20asterisks=20were=20printed/exported=20when=20the=20appli?= =?UTF-8?q?cation=20policy=20flag=20'Unhide=20Passwords'=20was=20turned=20?= =?UTF-8?q?off).?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OBS-URL: https://build.opensuse.org/package/show/Mono/keepass?expand=0&rev=50 --- KeePass-2.53.1-Source.zip | 3 --- KeePass-2.53.1-Source.zip.asc | 16 ---------------- KeePass-2.54-Source.zip | 3 +++ KeePass-2.54-Source.zip.asc | 16 ++++++++++++++++ keepass.changes | 25 +++++++++++++++++++++++++ keepass.spec | 2 +- 6 files changed, 45 insertions(+), 20 deletions(-) delete mode 100644 KeePass-2.53.1-Source.zip delete mode 100644 KeePass-2.53.1-Source.zip.asc create mode 100644 KeePass-2.54-Source.zip create mode 100644 KeePass-2.54-Source.zip.asc diff --git a/KeePass-2.53.1-Source.zip b/KeePass-2.53.1-Source.zip deleted file mode 100644 index 7ca9b0c..0000000 --- a/KeePass-2.53.1-Source.zip +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:47b296c65c6b865e799ce683358c00fdc24997e91de59632e9e655ab2af1c673 -size 5202942 diff --git a/KeePass-2.53.1-Source.zip.asc b/KeePass-2.53.1-Source.zip.asc deleted file mode 100644 index 0ec917c..0000000 --- a/KeePass-2.53.1-Source.zip.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEE2VBEKD7pSNkR6LYGpPdi3FjG+Y4FAmPjk6UACgkQpPdi3FjG -+Y4oFRAAjLBJOEK9eRI8QUEzv1Qqjzukvc3mIh9NOPKeM0WOnoD3bFi0WN37RrBw -/90UetaXxg+0CMpJ456H2Z/A0YAZ5/J49Sz1aCBflkaJ6+WwKwQPzk3OrmUJ522e -EcDuaMd9b4MhQypeQEfhhoZxr/usM3o2QPzNSJVSYeO6y08L2PWohhH4KRahv9ZP -cnQG5NXys1l93aLDBqyC2BLTL0Vkc3GtYHfBRj9qJmtfKbnSdGsJUK0nDRXL7vgM -06cU+p10pn6xU0y9WzKEh+VQjsV357m+3s6jlGGTJ5e1QOWZag7TiO+XvJHWiJ/Y -c0YJ4hGhuV/DSs5k9mUp+HHZZ5D7hDSRCdMO+3bWFaewP2Nu7QkvObQTVOq614NB -rWrm8Rj+T/icKl29fH6HKzXzgfMeBCWd48cpgNbtIChk5rS1v/EQnGWrMaPzop5/ -ZzWvbgRSe7XuRGTqxZgwfEv8FwZyTbCfWpWUDxmg1BDfHrdJjpPObFONdo55KWjc -dE+KlB6t3mtaYZDKdbCmlrhJYDoWMC0YQvjMVwl3Y9gvNUx2MyvjdMRWC2+ku63C -KE5H6Rp9g06V+dVU7XDwugoODZhQqzevHpmNSIE64hBWCvS1VU0kgTzMxAl1mguO -+bsKKkfnCeXNJlBjMN6l2PJ+2SqsF17Cb9TXgKDptQyyEZg4N9c= -=FnIB ------END PGP SIGNATURE----- diff --git a/KeePass-2.54-Source.zip b/KeePass-2.54-Source.zip new file mode 100644 index 0000000..8513f2d --- /dev/null +++ b/KeePass-2.54-Source.zip @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7c35d3e17c6825f3d5f2d53cb8bf786e72ffff32a5bd7192f44ccd96ce769098 +size 5210324 diff --git a/KeePass-2.54-Source.zip.asc b/KeePass-2.54-Source.zip.asc new file mode 100644 index 0000000..49f0beb --- /dev/null +++ b/KeePass-2.54-Source.zip.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEE2VBEKD7pSNkR6LYGpPdi3FjG+Y4FAmR6/aUACgkQpPdi3FjG ++Y4rxg/8CYl3jTSNa5wCerQWVAfR2eDcg0vIjqZ6Hgvil36vI6fFWUD7KdXQ9Z/d +Mx0K6K7xQcXOppVzTEDadIYy+NoUHGxTS8OQJuePZ4x0j1W9FknqCJe/B8I2S+6F +v7COiNiD5qUZ4HUVbx8dT7Vhu64BLytcJ06DvMMWOO/R+cUGbtr6z08YSmXCY2YS +pyWubvS9/ExeBDQgvr3IcHFSZaxjfIE+LvziSqBhfbO4RQWd5VtNKFIiSzLNPQAl +GeqU5xJ+1v1P8nEnT8D+s7pN7YNs1eyFL9vNXO/jGiTHOV2jZEkbBNP3QQgcSU1t +6WWhBoE4wT1+H0xDNlNu+GK7vU4+p9Xo6lsAqywCvqsJ+bmtgfLiTIXAOu5BFDAa +WV8/gBRVWxfB9Vvy1ki8KIybgVCtlBg93eug6WcYOxHBbqWkfuqlQbj330cVeb5Y +o9VkzALIKl/x1du1QQQemQHdatCS0RYF4UiD6Wn4dfcz/YQ6Yn4GmU4NFWE/r8Z3 +WzD0/GNZFhi9qTNBe+R1GRzLBBF0ZJQBZoP5AmlVKDsIu5cOFHJSy1Ay3jfi544o +Bo9s14oFxaTKDZy3phsypVefZSvNsJB+ssfymrbH14DKXjuYLlpvLDJGDGjYR1ff +bnc+m6J/z3JQnMqCNPnlK1ceM8epaHjFdSZAIaUiyOyns3XBpdw= +=sAhG +-----END PGP SIGNATURE----- diff --git a/keepass.changes b/keepass.changes index 678eb64..891c2f2 100644 --- a/keepass.changes +++ b/keepass.changes @@ -1,3 +1,28 @@ +------------------------------------------------------------------- +Mon Jun 5 19:48:48 UTC 2023 - Matthias Bach - 2.54 + +- Update to 2.54 + * Security: + + Improved process memory protection of secure edit controls (CVE-2023-32784, boo#1211397). + * New Features: + + Triggers, global URL overrides, password generator profiles and a few more settings are now stored in the enforced configuration file. + + Added dialog 'Enforce Options (All Users)' (menu 'Tools' → 'Advanced Tools' → 'Enforce Options'), which facilitates storing certain options in the enforced configuration file. + + In report dialogs, passwords (and other sensitive data) are now hidden using asterisks by default (if hiding is activated in the main window); the hiding can be toggled using the new '***' button in the toolbar. + + The 'Print' command in most report dialogs now requires the 'Print' application policy flag, and the master key must be entered if the 'Print - No Key Repeat' application policy flag is deactivated. + + The 'Export' command in most report dialogs now requires the 'Export' application policy flag, and the master key must be entered. + + Single line edit dialogs now support hiding the value using asterisks. + + Commands that require elevation now have a shield icon like on Windows. + + TrlUtil: added 'Move Selected Unused Text to Dialog Control' command. + * Improvements: + * The content mode of the configuration elements '/Configuration/Application/TriggerSystem', '/Configuration/Integration/UrlSchemeOverrides' and '/Configuration/PasswordGenerator/UserProfiles' is now 'Replace' by default. + * The built-in override for the 'ssh' URI scheme is now deactivated by default (it can be activated in the 'URL Overrides' dialog). + * When opening the password generator dialog without a derived profile, the '(Automatically generated passwords for new entries)' profile is now selected by default, if profiles are enabled (otherwise the default profile is used). + * The clipboard workarounds are now disabled by default (they are not needed anymore on most systems). + * Improved clipboard clearing. + * Improved starting of an elevated process. + * Bugfixes: + + In report dialogs, the 'Print' and 'Export' commands now always use the actual data (in previous versions, asterisks were printed/exported when the application policy flag 'Unhide Passwords' was turned off). + ------------------------------------------------------------------- Sat Feb 11 13:44:05 UTC 2023 - Matthias Bach - 2.53.1 diff --git a/keepass.spec b/keepass.spec index 9dd181c..9da0434 100644 --- a/keepass.spec +++ b/keepass.spec @@ -18,7 +18,7 @@ %define _name KeePass Name: keepass -Version: 2.53.1 +Version: 2.54 Release: 0 Summary: Password Manager License: GPL-2.0-or-later