The Alinto team is pleased to announce the immediate availability of SOGo v5.12.6. This is a minor release of SOGo that fix a regression from 5.12.5.
Regression on 5.12.5
The regression is on the 5.12.5 and nightly from 26th February to 20th March.
New user added to your user source could not set up the totp.
If they do it:
- everything works and seems fine
- if they logout and login again, instead of seeing a prompt to enter the totp code, they will have a message
Two-factor authentication has been disabled. Visit the Preferences module to restore two-factor authentication and reconfigure your TOTP application. - Then they will be redirected to their mail view normally. With their totp disabled
Fix
- vulnerability: new user can properly use totp (623f08)