Release notes for Mividas Identify (previously Mividas Connect).
[1.1.0] - 2024-12-22
Added
- Add support for SAML SP metadata-XML and SLO
- Add german translation
Fixed
- Fix reloading updated meetings after meetings list has been loaded
- Redirect back to meetings list if joining meeting fails
Security
- Upgrade Django, cryptography, libexpat1, libgnutls30, gunicorn, libc-bin, patch django-rest-framework
- Related CVEs: CVE-2023-43665, CVE-2023-50782, CVE-2023-52425, CVE-2024-0553, CVE-2024-1135, CVE-2024-26130, CVE-2024-2961, CVE-2024-33599, CVE-2024-21520
Changed
- Enable HSTS SSL headers
- Use HTTP proxy for all requests
- Change syslog format to LogFmt, include additional context
- Upgrade base python version and libraries
[1.0.1] - 2023-07-12
Renamed "Mividas Connect" to "Mividas Identify"
Fixed
- Clear meeting list when session expires
- Reload meeting list when no meetings are still valid
- Display more error messages in user interface
Security
- Upgrade django
- Related CVEs: CVE-2023-36053
[1.0.1-rc1] - 2023-04-28
Fixed
- Support domain names longer than 50 characters
- Extend session expiry on manual actions
- Clear meeting list upon session expiration
Security
- Upgrade django, cryptography, sentry-sdk
- Related CVEs: CVE-2023-23969, CVE-2023-24580, CVE-2023-28858, CVE-2023-28117
- Sanitize invite HTML-content
Changed
- Log BankID-errors to console
- Require manual action to refresh SIP PIN-code
[1.0.0] - 2023-01-18
Fixed
- Fix join meeting user interface for smaller screens, and for longer text translations
[1.0.0-rc1] - 2022-11-24
This version is required if running Mividas Portal v2.9.0-rc1 or later. Downgrades requires re-setting all passwords and certificates in backend admin
Added
- More detailed error messages for end users upon login failures
- Display information about expired session without user interaction if leaving tab too long in background
- Add French translation
- Add support to use email field for SAML-login to enable matching against internal users
- Add separate landing page for SMS code-login
- Add support to reuse previous meeting code if server could not be contacted upon login
Fixed
- Fix test video-meeting link
- Fix saving branding settings in onboarding wizard
Changed
- Increase SAML allowed clock skew to 15 seconds
- Update layout for better support for text changes/translations with varying text length
- Pass meeting code using location hash (#?code=) instead of query string to leave it out of browser history
- Encrypt all end user data before storing in temporary session store
- Encrypt API, SAML-metadata and certificate passwords before storing in database
- Update user interface if logging in/out in another tab
- Display loading indicators for all end user actions
- Validate color settings syntax
- Allow more formats of support phone number
- Update settings form layout and error handling
- Set Secure-flag for session- and csrf-cookie
Security
- Upgrade django, pydantic, paramiko
[1.0.0-beta2] - [2022-05-31]
Added
- Log API errors to console log
- Add IVR phone number to branding settings
Fixed
- Fix uploading only one of favicon and logo during onboarding wizard
- Hide test url if not set in theme settings
- Fix countdown until meeting opens if distance is over 24h
Changed
- Validate URL format for remote SAML metadata
- Display warning message in UI if login was successful but no meetings matching user was found
- Improve design for join by phone-dialog
[1.0.0-beta1] - [2022-05-13]
- General workup of most functionality
Added
- Join by phone using theme setting for IVR number
- Add support to categorize authentication types as internal SSO login or eID
[1.0.0-alpha] - [2022-02-25]
Initial public test release