Important: This release includes important security fixes for the base OS, application runtime and application dependencies. We recommend all customers updating to the latest version as soon as possible. To learn more about how to update your deployment to the latest version, please refer to our documentation on how to update KUY.io Konnect™ access server.

Package	Vulnerability ID	Severity
busybox	CVE-2022-28391	CRITICAL
freetype	CVE-2022-27404	CRITICAL
gdk-pixbuf	CVE-2021-44648	HIGH
libcrypto1.1	CVE-2022-0778	HIGH
libretls	CVE-2022-0778	HIGH
libssl1.1	CVE-2022-0778	HIGH
libxml2	CVE-2022-23308	HIGH
libxml2	CVE-2022-29824	MEDIUM
ssl_client	CVE-2022-28391	CRITICAL
tiff	CVE-2022-0891	HIGH
tiff	CVE-2022-0561	MEDIUM
tiff	CVE-2022-0562	MEDIUM
tiff	CVE-2022-0865	MEDIUM
tiff	CVE-2022-0907	MEDIUM
tiff	CVE-2022-0908	MEDIUM
tiff	CVE-2022-0909	MEDIUM
tiff	CVE-2022-0924	MEDIUM
tiff	CVE-2022-22844	MEDIUM
xz-libs	CVE-2022-1271	HIGH
zlib	CVE-2018-25032	HIGH
zlib-dev	CVE-2018-25032	HIGH

v2202.1

This is a maintenance release that fixes a bug with the rendering of configuration files. It is recommended for all customers to upgrade as soon as possible.

Bugfix: client device IP addresses can be rendered wrong when updating device settings.

v2202.0

This release includes important bug fixes, security updates, and makes setting up sync with your LDAP directory even better.

Improvement: Client configuration files are now named after your KUY.io Konnect™ access server deployment and have shorter filenames to prevent the "Tunnel name too long" error message for Windows clients.
Improvement: With this version we have introduced support for non-encrypted LDAP connections, however please be advices that we strongly recommend against using plain-text LDAP for production deployments!
Improvement: When configuring and testing your LDAP integration, we provide much more detailed diagnostic messages to better help guide your configuration experience.
Improvement: We've made various improvements to the admin and user portal UI
Improvement: We've improved the client device setup instructions to make it even easier for end-user to follow along and setup their devices.

Important: This release includes important security fixes for the base OS, application runtime and application dependencies. We recommend all customers updating to the latest version as soon as possible. To learn more about how to update your deployment to the latest version, please refer to our documentation on how to update KUY.io Konnect™ access server.

Package	Vulnerability ID	Severity
expat	CVE-2022-23852	CRITICAL
	CVE-2022-23990	CRITICAL
	CVE-2022-25235	CRITICAL
	CVE-2022-25236	CRITICAL
	CVE-2022-25315	CRITICAL
	CVE-2022-25313	HIGH
	CVE-2022-25314	HIGH
bundler	CVE-2021-43809	HIGH
actionpack	CVE-2022-23633	HIGH
nokogiri	CVE-2021-30560	HIGH
puma	CVE-2022-23634	HIGH
url-parse	CVE-2022-0512	HIGH
follow-redirects	CVE-2022-0536	MEDIUM
libblkid	CVE-2021-3995	MEDIUM
	CVE-2021-3996	MEDIUM
	CVE-2022-0563	MEDIUM
libmount	CVE-2021-3995	MEDIUM
libmount	CVE-2021-3996	MEDIUM
	CVE-2022-0563	MEDIUM
libuuid	CVE-2021-3995	MEDIUM
	CVE-2021-3996	MEDIUM
	CVE-2022-0563	MEDIUM

v2201.0

This release includes support for different traffic policies including custom split-tunneling, as well as bug fixes and security updates!

Feature: we added traffic policies and the ability to specify a default traffic policy for new devices. You can now choose to either route all network traffic through your VPN, only traffic bound for VPN devices, or create a custom split tunneling setup.
Feature: per-device policy overrides allow you to set a custom traffic policy for specific devices.

Important: This release includes important security fixes for the base OS, application runtime and application dependencies.

Package	Vulnerability ID	Severity
ansi-html	CVE-2021-23424	HIGH
follow-redirects	CVE-2022-0155	HIGH
node-forge	CVE-2022-0122	MEDIUM
postcss	CVE-2021-23382	MEDIUM

v2112.0

This release includes exciting new security and customization features, as well as bug fixes and security updates!

Feature: we've added a new "Quantum-Resistance Mode" switch that you can optionally enable for client devices connecting to the VPN. Read more about this exciting new feature in our blog post.
Feature: you can now customize the display name of your Konnect™ server deployment to better reflect your business brand.
Feature: you can now customize the displayed logo of your Konnect™ server deployment to better reflect your business brand.
Improvement: Konnect™ server deployments now show a friendly version in the application footer.
Improvement: we've updated the wording in email notifications to be easier to read and understand for end-users.
Bugfix: Konnect™ server now correctly reloads and applies the VPN client device configuration after editing the device details.

Important: This release includes important security fixes for the base OS, application runtime and application dependencies.

Package	Vulnerability ID	Severity	Status
Bundler	CVE-2021-43809	HIGH

To learn more about how to update your deployment to the latest version, please refer to our documentation.

v2111.0

KUY.io Konnect™ is now available as a 1-click image on the DigitalOcean cloud marketplace. Check out our documentation on how to deploy and configure Konnect™ access server on DigitalOcean.

Important: This release includes important security fixes for the base OS, application runtime and application dependencies.

Package	Vulnerability ID	Severity
Ruby	CVE-2021-41817	HIGH
Ruby	CVE-2021-41816	HIGH
Ruby	CVE-2021-41819	HIGH
busybox	CVE-2021-42378 - CVE-2021-42386	HIGH
busybox	CVE-2021-42374	MEDIUM
busybox	CVE-2021-42375	MEDIUM
imagemagick	CVE-2021-34183	HIGH
libmount	CVE-2021-37600	MEDIUM
libpq	CVE-2021-23214	HIGH
libmount	CVE-2021-23222	LOW
libuuid	CVE-2021-37600	MEDIUM
ssl_client	CVE-2021-42378 - CVE-2021-42386	HIGH
ssl_client	CVE-2021-42374 - CVE-2021-42375	MEDIUM

To learn more about how to update your deployment to the latest version, please refer to our documentation.

v2110.0

Beginning with our first maintenance release, we have switched our versioning schema to better reflect our continuous delivery schedule. Going forward, released are labeled as:

prefixed with v
followed by the two digit year code (e.g., '21' for 2021, or '22' for 2021)
followed by the two digit month code (e.g., '09' for September)
followed by a '.' separator
suffixed with an increasing maintenance release number, starting at 0 with every release

This maintenance release addresses vulnerabilities in the following application dependencies:

Package	Vulnerability ID	Severity
nokogiri	CVE-2021-41098	HIGH
puma	CVE-2021-41136	LOW
ansi-regex	CVE-2021-3807	HIGH
nth-check	CVE-2021-3803	HIGH
set-value	CVE-2021-23440	CRITICAL

To learn more about how to update your deployment to the latest version, please refer to our documentation.

v1.0.0

Today marks a big milestone for us! We've officially launched 1.0 into the market with images publicly available on ghcr.io/kuyio/konnect

[UI] Fixed a problem with copy to clipboard button not copying Server ID on certain browsers
[System] Update OS image dependencies to latest versions

v1.0.0-rc10

This is the final release candidate before version 1.0.

[System] update security and lint test suite dependencies
[System] update alpine base image
[Security] ensure we pass all vulnerability tests before final 1.0 release

v1.0.0-rc9

[Admin Portal] added dialog that displays SMTP server error responses when sending a test email fails, to better help administrators diagnose.

v1.0.0-rc8

[UX] Added on-boarding wizard and empty state dialogs to guide new administrators through first-time setup, configuration and use.

v1.0.0-rc7

[UI] fix wording as suggested through user testing.
[UI] improve interface as per user testing suggestions.
[UI] make all margins and UI elements work, look and behave consistently across browsers, platforms and devices
[Admin Portal] fix a problem where changing SMTP server settings would not be applied until server restart

v1.0.0-rc6

Internal release to ensure top-hatting test-suite works as intended as part of CI process.

v1.0.0-rc5

[Security] upgrade application dependencies to fix CVE 2021-22942

v1.0.0-rc4

Internal release candidate for user testing.

v1.0.0-rc3

[UI] added custom error pages for 400, 500 type errors

v1.0.0-rc2

Internal release to ensure our automated build processes work as intended and execute all test-suites.

v1.0.0-rc1

A big thank you to all our beta customers! Your feedback and guidance has been instrumental in making KUY.io Konnect™ a wonderful experience. We have now fully implemented all features that we set out to have for our 1.0 release. The next few releases are tagged as _release candidates* for 1.0, meaning that we will concentrate primarily on fixing bugs, polishing the user interface and making sure we have a great user experience end-to-end.

[UI] general improvement of the user interface and user experience on mobile devices
[Security] add automated vulnerability scanning for the application, all application dependencies, and the built Docker images to the build process
[Security] ensure we pass all vulnerability scans

v0.11.1

fix creating or removing a device in certain conditions fails to reload VPN configuration

v0.11.0

You can now print device setup instructions! We have added a Print button to the device setup guide pages in the Administrator and User portals, and render the setup instructions in letter format.

fix a problem where the hamburger menu would not trigger on mobile devices (#21)
[Admin Portal], [User Portal] support printing of device setup instructions (#22)
[Admin Portal], when downloading configuration profiles, filenames now reflect device owner instead of logged in user (#24)

v0.10.0

KUY.io Konnect™ now integrates with your LDAP-compatible external user directory and synchronizes user accounts from the directory. Please refer to our documentation on how to integrate your external user directory to see how you can enable this feature.

[Admin Portal] configuration of LDAP-compatible user directory
[Admin Portal] detect presence of LDAP-synced user accounts and warn before disabling / removing LDAP integration
[System] periodic sync of accounts matching specified LDAP search query to Konnect™ server

v0.9.0

KUY.io Konnect™ now integrates with your E-Mail server to notify users and administrators about account and device activities. Please refer to our documentation on how to configure Konnect™ server for email sending to see how you can enable this feature.

[Admin Portal] configuration of email server settings
[System] Send notification emails for account creation, account removal, device provision, device de-provision operations when email sending is enabled.

v0.8.1

[Admin Portal] fix problems with being unable to edit user details (#17)

v0.8.0

Note: Starting with version 0.8.0, Konnect™ server requires a license key. Please see our documentation on licensing on how to add your beta license key to your deployment. If you haven't received a beta license key from use, please contact our support team.

The first release of 2021 comes with a swath of features and improvements!

[Admin Portal] sort devices by last online activity
[Admin Portal] break device lists into multiple pages for large deployments with 50+ devices
[Admin Portal] admins can now update the device name (#15)
[Admin Portal] fix the calculation of traffic statistics to include offline devices (#12)
[User Portal] allow users to edit their profile (#14)
[UI] the footer will stay pinned to the bottom of each page (WG-55)
[UI] improve font-size for better readability (WG-56)
[UI] highlight setup token in console output (#13)
[UI] highlight setup token in console output (#13)
[UI] fix various user interface issues reported by you (WG-45, WG-50, WG-52, WG-57, WG-60)
[System] upgrade application-internal dependencies to latest versions
[System] deploy application to an internal-only network, bridged by a reverse proxy to improve network security (WG-20)
[System] application licensing and enforcement of license limits

v0.7.5

Important: We are switching to a new Docker repository! Please update your application stack configuration!

if you haven't done so yet, please update your docker-compose.yml application stack file to point to ghcr.io/kuyio/konnect:latest.
improved security for administrator portal
fix formatting of device listing for users with the Safari desktop browser

v0.7.4

user interface improvements for mobile browsers

v0.7.3

user interface improvements for desktop browsers

v0.7.2

Internal testing release for user interface improvements.

v0.7.1

This is a maintenance release to our closed beta customers.

fix crash during first-time configuration when failing to specify network address in CIDR notation (WG-27)

v0.7.0

Welcome to the first closed beta release!

use the smaller Alpine linux images for the application stack to save space
determine client device online/offline status via ICMP ping
automatically start VPN tunnel interface when first-time configuration wizard finishes

v0.6.0

added device setup instructions
generate setup QR code for mobile device clients
user interface overhaul