We are pleased to announce Topicus KeyHub 14.2. This release features the extra authorization upon activation for groups and adds an option for rebranding. As usual, a number of smaller improvements have been made and several issues have been fixed. Before upgrading to 14.2 be sure to read the following important notices.
Important notice: Undisclosed security vulnerability
TKH-1217 Internal auditing revealed that authenticated users had unintended privileges. Malicious intent could have led to the loss of data. We strongly recommend all installations to be upgraded to 14.2. Topicus KeyHub customers can enquire for more information.
Another pair of eyes
TKH-594 Not all groups are created equal, some are just more precious than others. For those groups that require more vigilance we now offer an extra authorization step before it can be activated. This activation request is reviewed by a member of the configured authorization group.
Secure and stylish
TKH-507 Sometimes it requires a small personal touch before you can call it home. We now allow our users to rebrand Topicus KeyHub with their own logo.
The following smaller improvements and bug fixes were made:
TKH-1179Bookmarkable URLs are more efficiently rendered.
TKH-1197Most properties of the Keyhub administrator group are now changeable.
TKH-1203You can now specify if your provisioned Active Directory supports public SSH keys on its accounts.
TKH-1204Audit records for activating and deactivating a group are now visible to its group manager.
TKH-1205A Topicus KeyHub installation is now no longer indexable by robots.
TKH-1207You can now enable verbose logging around provisioning.
TKH-1208Fixed an unjust notification when you combined static provisioning with source directory provisioning with an account from a different directory.
TKH-1209Fixed an initialization problem for accounts using a rotating password when they entered a static provisioned group.
TKH-1210The full provisioning sync can now also add new provisioned accounts.
TKH-1211Fixed a bug in the browser extension where the username wasn't automatically filled in correctly in some scenarios.