7.5.0

Bugfix Enhancement

Keyword: SecurityIssue

Major

#26563

Checking dependencies for security vulnerabilities

#26864

Force password change when administrator assigns password

Detail

#26510

Update library log4j to version >= 2.16.0

#26755

Update CKEditor to version 4.19.1

#26889

Encrypt Pepper in Argon Hashing

Detail

#25501

EncodeConfigurationValues.jsp writes unquoted parameters to the GUI

#26635

Remove dependency on apache-mime4j-0.3.jar

#26637

Raise dependency pac4j to version 5.3.1

#26638

Raise dependency H2 to version 2.1.210

#26640

Remove dependency openxml4j

#26641

Update Jetty to 9.4.45.v20220203

#26646

Udate POI to version 5.2.2

#26647

Update jsoup to version 1.14.3 and guice to version 5.1.0

#26649

Update commons-io to version 2.11.0

#26660

Remove TL Remote

#26694

replace itext 2.1.7 with openpdf 1.3.27

#26867

Configuration uses unencrypted SMTP and IMAP password

#26873

Application monitor "Environment variables" may display safety-critical values

#26874

Service Editor displays "secret" of the OpenID service

#26996

ChartJS Update to 3.9.1

#26997

JSoup Update to 1.15.3

#26998

Update Batik Graphics to 1.15

#27040

Jackson FasterXML Update to 2.13.4

#27043

Batik update to 1.16

#27147

Update Dependency Check to version 7.4.4 or above