KeePass Password Safe 歷史版本列表
更新時間:2019-09-11
更新細節:
What's new in this version:
New:
- Due to removal of compatibility with old version passwords in this version, downgrading to any version prior to v6.43 (v6.42.12 and older) will clear all user passwords and allow password-less authentication. Please secure your router after downgrading
- Old API authentication method will also no longer work, see documentation for new login procedure
Fixed:
- capsman - fixed regulatory domain information checking when doing background scan
- conntrack - improved system stability when using h323 helper (introduced in v6.45)
- crs3xx - fixed "egress-rate" property on CRS309-1G-8S+, CRS312-4C+8XG, CRS326-24S+2Q+ devices
- qsfp - clear SFP monitoring data on port enable
- qsfp - correctly display SFP monitoring data
- qsfp - fixed EEPROM checksum validation
- qsfp - show more QSFP module diagnostics
- wireless - include last frequency when manually setting frequency step in "scan-list"
更新時間:2019-08-28
更新細節:
更新時間:2019-08-01
更新細節:
What's new in this version:
Important note:
- Due to removal of compatibility with old version passwords in this version, downgrading to any version prior to v6.43 (v6.42.12 and older) will clear all user passwords and allow password-less authentication. Please secure your router after downgrading.
- Old API authentication method will also no longer work, see documentation for new login procedure
- Certificate: renew certificates via SCEP when 3/4 of lifetime reached
- Crs317: fixed multicast packet receiving (introduced in v6.45)
- Hotspot: fixed default profile values not being used (introduced in v6.45)
- Rb4011: fixed SFP+ interface linking (introduced in v6.45.2)
- Smips: reduced RouterOS main package size (disabled LTE modem, dot1x and SwOS support)
- Supout: fixed SIM slot printing (introduced in v6.45)
- Wireless: improved U-APSD (WMM Power Save) support for 802.11e
更新時間:2019-07-19
更新細節:
What's new in this version:
- Due to removal of compatibility with old version passwords in this version, downgrading to any version prior to v6.43 (v6.42.12 and older) will clear all user passwords and allow password-less authentication. Please secure your router after downgrading
- Old API authentication method will also no longer work, see documentation for new login procedure
- Bonding - fixed bonding running status after reboot when using other bonds as slave interfaces (introduced in v6.45)
- Cloud - properly stop "time-zone-autodetect" after disable
- Interface - fixed missing PWR-LINE section on PL7411-2nD and PL6411-2nD (introduced v6.44)
- Ipsec - added "connection-mark" parameter for mode-config initiator
- Ipsec - allow peer argument only for "encrypt" policies (introduced in v6.45)
- Ipsec - fixed peer configuration migration from versions older than v6.43 (introduced in v6.45)
- Ipsec - improved stability for peer initialization (introduced in v6.45)
- Ipsec - show warning for policies with "unknown" peer
- Ospf - fixed possible busy loop condition when accessing OSPF LSAs
- Profile - added "internet-detect" process classificator
- Radius - fixed "User-Password" encoding (introduced in v6.45)
- Ssh - do not enable "none-crypto" if "strong-crypto" is enabled on upgrade (introduced in v6.45)
- Ssh - fixed executed command output printing (introduced in v6.45)
- Supout - fixed supout file generation outside of internal storage with insufficient space
- Upgrade - fixed "auto-upgrade" to use new style authentication (introduced in v6.45)
- Vlan - fixed "slave" flag for non-running interfaces (introduced in v6.45)
- Wireless - improved 802.11ac stability for all ARM devices with wireless
- Wireless - improved range selection when distance set to "dynamic"
更新時間:2019-07-01
更新細節:
What's new in this version:
Important note:
- Due to removal of compatibility with old version passwords in this version, downgrading to any version prior to v6.43 (v6.42.12 and older) will clear all user passwords and allow password-less authentication. Please secure your router after downgrading
Changes:
- added support for IEEE 802.1X Port-Based Network Access Control
- added support for EAP authentication methods (eap-tls, eap-ttls, eap-peap, eap-mschapv2) as initiator
- removed insecure password storage
- correctly display bridge FastPath status when vlan-filtering or dhcp-snooping is used
- correctly handle bridge host table
- fixed log message when hardware offloading is being enabled
- improved stability when receiving traffic over USB modem with bridge firewall enabled
- fixed CAP system upgrading process for MMIPS
- fixed interface-list usage in access list
- improved packet processing after overloading interface
- added "key-type" field
- added support for ECDSA certificates (prime256v1, secp384r1, secp521r1)
- fixed self signed CA certificate handling by SCEP client
- made RAM the default CRL storage location
- removed DSA (D) flag
- removed "set-ca-passphrase" parameter
- legacy adapters require "disable-running-check=yes" to be set
- added "replace" parameter for backup "upload-file" command
- fixed GRE protocol packet connection-state matching (CVE-2014-8160)
- significant stability and performance improvements
- fixed known multicast flooding to the CPU
- added ethernet tx-drop counter
- correctly display auto-negotiation information for SFP/SFP+ interfaces in 1Gbps rate
- fixed auto negotiation when 2-pair twisted cable is used (downshift feature)
- fixed "tx-drop" counter
- improved switch-chip resource allocation on CRS326, CRS328, CRS305
- added "custom-script" field that prints custom configuration installed by Netinstall
- automatically set "installation" parameter for outdoor devices
- changed default configuration type to AP for cAP series devices
- fixed channel width selection for RU locked devices
- create dual stack queue based on limitations specified on DHCPv4 server lease configuration
- do not require lease and binding to have the same configuration for dual-stack queues
- show warning in log if lease and binding dual-stack related parameters do not match and create separate queues
- added "client-mac-limit" parameter
- added IP conflict logging
- added RADIUS accounting support with queue based statistics
- added "vendor-class-id" matcher (CLI only)
- improved stability when performing "check-status" command
- replaced "busy" lease status with "conflict" and "declined"
- added option to disable rapid-commit
- fixed status update when leaving "bound" state
- added additional RADIUS parameters for Prefix delegation, "rate-limit" and "life-time"
- added "address-list" support for bindings
- added "insert-queue-before" and "parent-queue" parameters
- added RADIUS accounting support with queue based statistics
- added "route-distance" parameter
- fixed dynamic IPv6 binding without proper reference to the server
- override prefix pool and/or DNS server settings by values received from RADIUS
- correctly create neighbors from VLAN tagged discovery messages
- fixed CDP packets not including address on slave ports (introduced in v6.44)
- improved neighbour's MAC address detection
- limit max neighbour count per interface based on total RAM memory
- show neighbors on actual mesh ports
- include "message-id" identification field in e-mail header
- properly release e-mail sending session if the server's domain name can not be resolved
- added support for 25Gbps and 40Gbps rates
- fixed running (R) flag not present on x86 interfaces and CHR legacy adapters
- increased loop warning threshold to 5 packets per second
- added SFTP support
- improved user policy lookup
- fixed fragmented packet processing when only RAW firewall is configured
- process packets by firewall when accepted by RAW with disabled connection tracking
- fixed missing minus close to zero coordinates in dd format
- make sure "direction" parameter is upper case
- strip unnecessary trailing characters from "longtitude" and "latitude" values
- use "serial0" as default port on LtAP mini
- added "interface-mac" variable to HTML pages
- moved "title" HTML tag after "meta" tags
- adjusted debug packet logging topics
- added support for ECDSA certificate authentication (rfc4754)
- added support for IKE SA rekeying for initiator
- do not send "User-Name" attribute to RADIUS server if not provided
- improved certificate verification when multiple CA certificates received from responder
- improved child SA rekeying process
- improved XAuth identity conversion on upgrade
- prefer SAN instead of DN from certificate for ID payload
- improved logging for IPv6 Pool when prefix is already in use
- added dynamic comment field for "active-peers" menu inherited from identity
- added "ph2-total" counter to "active-peers" menu
- added support for RADIUS accounting for "eap-radius" and "pre-shared-key-xauth" authentication methods
- added traffic statistics to "active-peers" menu
- disallow setting "src-address" and "dst-address" for transport mode policies
- do not allow adding identity to a dynamic peer
- fixed policies becoming invalid after changing priority
- general improvements in policy handling
- properly drop already established tunnel when address change detected
- renamed "remote-peers" to "active-peers"
- renamed "rsa-signature" authentication method to "digital-signature"
- replaced policy SA address parameters with peer setting
- use tunnel name for dynamic IPsec peer name
- improved system stability when receiving bogus packets
- renamed SIM slots "up" and "down" to "2" and "3"
- added initial support for Vodafone R216-Z
- added passthrough interface subnet selection
- added support for manual operator selection
- allow setting empty APN
- allow to specify URL for firmware upgrade "firmware-file" parameter
- do not show error message for info commands that are not supported
- fixed session reactivation on R11e-LTE in UMTS mode
- improved firmware upgrade process
- improved "info" command query
- improved R11e-4G modem operation
- renamed firmware upgrade "path" command to "firmware-file" (CLI only)
- show alphanumeric value for operator info
- show correct firmware revision after firmware upgrade
- use default APN name "internet" when not provided
- use secondary DNS for DNS server configuration
- added support for additional Serial Console port on GPIO headers
- added support for link scope opaque LSAs (Type 9) for OSPFv2
- fixed opaque LSA type checking in OSPFv2
- improved "unknown" LSA handling in OSPFv3
- added "verify-server-certificate" parameter for OVPN client (CVE-2018-10066)
- added initial support for Quectel BG96
- increased minimal free RAM that can not be used for proxy services
- improved system stability when receiving bogus packets
- fixed MAC address duplication between sfp-sfpplus1 and wlan1 interfaces (wlan1 configuration reset required)
- improved system stability ("/system routerboard upgrade" required)
- renamed 'sim' menu to 'modem'
- fixed S-35LC20D transceiver DDMI readouts after reboot
- added USSD message functionality under "/tool sms" (CLI only)
- allow specifying multiple "allowed-number" values
- improved delivery report logging
- added "dot1dStpPortTable" OID
- added OID for neighbor "interface"
- added "write-access" column to community print
- allow setting interface "adminStatus"
- fixed "send-trap" not working when "trap-generators" does not contain "temp-exception"
- fixed "send-trap" with multiple "trap-targets"
- improved reliability on SNMP service packet validation
- properly return multicast and broadcast packet counters for IF-MIB OIDs
- accept remote forwarding requests with empty hostnames
- added new "ssh-exec" command for non-interactive command execution
- fixed non-interactive multiple command execution
- improved remote forwarding handling (introduced in v6.44.3)
- improved session rekeying process on exchanged data size threshold
- keep host keys when resetting configuration with "keep-users=yes"
- use correct user when "output-to-file" parameter is used
- improved stability when received traffic hits tarpit firewall
- added IPv6 ND section to supout file
- added "kid-control devices" section to supout file
- added "pwr-line" section to supout file
- changed IPv6 pool section to output detailed print
- properly reapply settings after switch chip reset
- added "max-block-size" parameter under TFTP "settings" menu (CLI only)
- improved link fault detection on SFP+ ports
- added LTE CQI and IMSI parameter support
- fixed potential memory corruption
- improved error reporting with incorrect firware upgrade XML file
- improved stability when sending large ping amounts
- improved stability when stopping traffic generator
- removed "local-address" requirement when "ipsec-secret" is used
- added support for "Delegated-IPv6-Pool" and "DNS-Server-IPv6-Address" (CLI only)
- do not show unused "dmg" paramete
- prefer AP with strongest signal when multiple APs with same SSID present
- show running frequency under "monitor" command
- added "System/SwOS" menu for all dual-boot devices
- do not allow setting "dns-lookup-interval" to "0"
- show "LCD" menu only on boards that have LCD screen
- fixed frequency duplication in the frequency selection menu
- fixed incorrect IP header for RADIUS accounting packet
- improved 160MHz channel width stability on rb4011
- improved DFS radar detection when using non-ETSI regulated country
- improved installation mode selection for wireless outdoor equipment
- set default SSID and supplicant-identity the same as router's identity
- updated "china" regulatory domain information
- updated "new zealand" regulatory domain information
- improved client-initiated renegotiation within the SSL and TLS protocols (CVE-2011-1473)
更新時間:2019-07-01
更新細節:
更新時間:2019-05-06
更新細節:
更新時間:2019-05-04
更新細節:
更新時間:2019-05-04
更新細節:
更新時間:2019-05-01
更新細節:
What's new in this version:
New Features:
- Added main menu items 'Group', 'Entry' and 'Find', which contain all commands related to groups and entries (supersets of context menus); removed 'Edit' main menu item, because all of its commands are included in the three new main menu items
- Added support for a system-wide hot key to auto-type only the password of a matching entry; by default, the hot key is Ctrl+Alt+Shift+A, changeable in the options dialog
- When double-clicking the URL cell of an entry in the main entry list while holding down the Shift key, KeePass now copies the URL to the clipboard (a double-click without Shift continues to open the URL; the option 'Copy URLs to clipboard instead of opening them' reverses this behavior)
- Added quick edit commands 'Expires: Now' and 'Expires: Never'
- There now are two commands for copying a whole entry to the clipboard: 'Copy Entry (Encrypted)' and 'Copy Entry (Unencrypted)'; the first one encrypts the data for the current user using the Windows DPAPI
- Added Ctrl+Shift+P shortcut for printing the currently selected group
- The creation time and the last modification time of an entry are now displayed on the 'History' tab of the entry editing dialog
- Added support for importing Steganos Password Manager 20 CSV files
- Added support for importing Bitwarden 1.12 JSON files
- Mozilla Bookmarks JSON import: added support for importing tags (new format, in addition to the old format) and keywords
- Enhanced the Enpass import module to support TXT files created by version 6.0.4
- The language selection dialog now also lists KeePass 1.x LNG files; when trying to select such a file, an informative error message is displayed
- Added 'Cancel' command in the context menu of KeePass' system tray icon, which can be used to abort opening and saving a database file
- Added '-cancel' command line option, which causes all other KeePass instances to cancel opening/saving a database file
- Added '-auto-type-password' command line option (other running KeePass instances auto-type only the password of a matching entry)
- Added '-e1:' command line parameter, which works like '-e:', but is handled by only one other instance; '-e:' is handled by all other instances
- When compiling a PLGX plugin, KeePass now defines a 'KP_V_*_*_*' symbol, where the asterisks specify the KeePass version (for example, 'KP_V_2_42_0' for version 2.42)
- Added workarounds for .NET Caps Lock warning tooltip bug
- Added workaround for Mono grid view default color bug
- Added workaround for OneDrive bug on Windows 1809
Improvements:
- Auto-Type: improved sending of characters that are realized with the AltGr key
- Auto-Type: improved compatibility with VirtualBox 6 and VMware Player
- Improved user interface behavior while opening a database file
- Accelerator key improvements
- Replaced 4 and 8 weeks expiry date search commands by 1 and 2 months (taking the number of days in the months into account)
- Improved hot key controls (better key combination handling and display)
- The hot key controls in the options dialog now support entering hot keys that are already registered by KeePass
- Improved field to standard field mapping function
- Improved new-line handling of several import modules
- When a file import fails, KeePass now shows a more detailed error message
- After changing the color of an entry using a quick edit command, the entries are deselected now, such that the new color is visible immediately
- Moved 'Print Emergency Sheet' command into 'File' → 'Print'
- The pattern-based password generator now supports repeating escaped characters using '{...}'
- The pattern-based password generator now refuses to generate a password if the pattern is (partially) invalid
- Turning off the 'Unhide Passwords' policy now enforces hiding passwords in a few more places/situations
- New-line characters at the end of the output of a {CMD:...} placeholder are now removed (analogous to $(...) and `...` shell command substitutions)
- The {URL:SCM} and {BASE:SCM} placeholders now work with arbitrary data having a ':'-terminated prefix
- Improved {URL:RMVSCM} and {BASE:RMVSCM} placeholders ('//' authority prefix is removed, but not '/')
- The '-entry-url-open' command line option is now handled by all other KeePass instances (instead of only one)
- Path traversal with attachment names is not possible anymore
- Removed the option 'Show tray icon only if main window has been sent to tray' from the options dialog (due to possible denial-of-service problems); if you want to hide the icon, it is recommended to configure this in the system settings instead
- Improved reading of KDBX XML documents with unknown elements
- Improved JSON parser
- Various UI text improvements
- Various code optimizations
- Minor other improvements
Bugfixes:
- Fixed a crash that could occur when trying to import certain Mozilla Bookmarks JSON files
- Fixed a crash that could occur when trying to import certain files with very deeply nested groups
- Fixed handling of paths with folder/file names containing quotes (which can occur on Unix-like systems only)