Version 11.3.1_28

<br>
11.3.1 mainly has an unauthenticated access bug fix and updated SFTP/SMB libraries<br/>
<h2>CrushFTP 11.3.1 been released!</h2><br>
<br/>
11.3.1<br/>
_28:fix for AS2 MDN responses coming through DMZ<br/>
_27:fix for WebSocket downloads that are overwhelming a client browser...now uses dedicated socket for acking chunks<br/>
_26:fix for clearing out all old job engine history after applying an update, faster job engine communication, and WebSocket upload/download stability improvements<br/>
_25:improvements to job engine communication, clearing old objects, and webdav improvements<br/>
_24:fix for ConenctionProfiles and limited admin not understanding an item is a connections profile<br/>
_23:fix for purging expired users and replication...race condition could break groups.XML or inheritance.XML<br/>
_22:fix for single ServerBeat server without any functional pair servers...it will still become master<br/>
_21:fix timeouts on sockets for replication, DMZ, and ServerBeat  not correctly honoring the expected timeout for a failed connection<br/>
_20:fix for uploads not allowing re-upload of the same filename in the same session<br/>
_19:fix for OIDC and OAUTH buttons on login screen not working<br/>
_18:fix for TempAccounts and VFS permissions when using MFA via DMZ<br/>
_17:added ability to do a mass hashing of passwords on users<br/>
_16:increased logging on all cloud protocols and improved error handling on cloud protocols.  (S3,OneDrive,Box,etc)<br/>
_15:improved feedback for slow azure uploads via WebInterface and improved JobEngine connections and closures<br/>
_14:improved job caching to save and reload local cache info avoiding need to re-cache on any restart<br/>
_13:improved job handling by utilizing cached job listing instead of making a new request every time<br/>
_12:fixed how various reports show user information across multiple User Connection Groups<br/>
_11:updated SMB libraries to fix issue with FSX servers and other special cases<br/>
_10:fix for blocking uploads for certain filename patterns that didn't match what we expected<br/>
_9:added support for un-archiving .tar and .tar.gz using the Unzip task<br/> 
_9:added support for .tar, tar.gz, .7z archive creation using the Zip task<br/>
_8:updated Let'sEncrypt HTP connection handling<br/>
_7:added user created date filter for the User Usage report<br/>
_6:authentication fix (Credit:Outpost24) and event path trigger handling fixes<br/>
11.3.0<br/>
_5:updated SFTP library for some minor bug fixes<br/>
_4:s3 engine improvements and kms server side encryption fixes for amazon<br/>
_3:added ability to check encrypted sizes on SMB3:// locations for PGP downloads and reporting accurate size info.  smb3_check_encrypted_header flag<br/>
_2:update thread name with current job info for better debugging<br/>
_1:added file extensions for WebInterface download blocking<br/>
_0:released<br/>
<br/>
11.2.3<br/>
_27:updated SMB library to latest with many bug fixes and resolves MFA issues with SFTP through DMZ<br/>
_26:removed outdated UniSSO plugin<br/>
_25:fixes for MFA and expired passwords, download restrictions with zips, and limited admin directory navigation when multiple levels deep<br/>
_24:fix for upcoming share expiration notices<br/>
_23:fix for folder listings<br/>
_22:fixed expired passwords for SFTP not allowing client to change password<br/>
_21:fixes issue with double results of items in emails from events (not CrushTask)<br/>
_20:fixes logging bug created in build _19<br/>
_19:added flag daily_check_and_auto_update_on_idle to prefs.XML to allow for automated daily updating<br/>
_18:fixed bug with PGP keys not being loaded from the keystore correctly for the PGP task in jobs<br/>
_17:certificate export now correctly creates a zip of the der and pem encoded files<br/>
_16:supports limited admin utilizing connection profiles for remote VFS items<br/>
_15:better usage of our own hostname for ServerBeat and replicated servers (ignores our own hostname)<br/>
_14:fix for unzip logic and its retries in jobs<br/>
_13:updated apache commons jars to help with compression algorithm updates<br/>
_12:performance fix for webdav connections<br/>
_11:fix for geoip country banning<br/>
_10:various fixes and enhancements for PGP key management (rename, permanent delete, restore, hide deleted, change keystore password)<br/>
_9:added global geoip blocking options for the server<br/>
_8:Initial OIDC support added<br/>
_7:fixes for LinkTask when running on other servers<br/>
_6:fix for allowing jobs to run on the DMZ via a link task from the internal server Job Scheduler<br/>
_5:fix for paste actions in the WebInterface reporting an error<br/>
_4:fix for DMZ not tracking archived dashboard history snapshots<br/>
_3:share reporting fixes<br/>
_2:possible fix for cloudflare HTTP requests that CF destroys the chunked handling on<br/>
_1:improved job engine communication when working with large jobs, much more CPU and memory friendly<br/>
_0:released.  password reset link vulnerability fix (CVE-2024-53552 - credit Stratascale Cyber Research Unit (CRU) team) and (CVE-2024-11986 - credit European Commission, Application Security Testing Services) 11/11/2024<br/>
11.2.2<br/>
_13:fixed bug with job scheduler not always enforcing one job running at a time.
_12:fixed bug related to cookie being tied to source IP<br/>
_11:added ability to re-route socket to another port based on IP banning rules<br/>
_10:attempting to fix version update cache issues with the WebInterface...browsers should stop having issues.<br/>
_9:fix for radius using PAP not giving a proper timeout message when bad credentials are used<br/>
_9:fix for MFA/OTP tokens with SFTP logins<br/>
_8:added sign and digest method to SAML plugin<br/>
_7:fixed automated update system to not leave behind tmp files on windows<br/>
_6:added flag for making SMB3 use old DNS resolution config (smb3_old_resolve_settings)<br/>
_6:added flag for all http connections to sue proxy (use_proxy_setings_for_all_http_call)<br/>
_5:added signing method to SAML plugin, default is still SHA1<br/>
_4:added config for SAML on Canonicalization Method and fixes bug with WinSCP and .filepart extensions for job flows<br/>
_3:fix for MFA tokens when going through DMZ<br/>
_2:improved update system to handle routing through DMZ or Internal server if one side is blocked and simplified the update mechanism<br/>
_1:remote job engines now use SSL for communication<br/>
_0:new version of SMB3 libraries to address slowness in DNS/reverse DNS resolution for shares<br/>
<br/>
11.2.1<br/>
_23:bug with server engine not passing responses to things back to jobs engine<br/>
_22:fixed bug with logging for jobs<br/>
_21:fixed invalid references to {path} variable in events</br>
_20:More improvements to Jobs engines running remotely<br/>
_19:Jobs engine has support for a pool of job servers now, no change for existing users by default, wiki articles coming soon.<br/>
_18:fixed an issue with memory leak of log data not being cleared in jobs engine<br/>
_17:converted update system to use our own HTTPClient mechanism to better support HTTP proxies for outbound connections<br/>
_16:fix for not getting login page but instead getting access denied page when you have a bad cookie<br/>
_15:efficiency improvements to jobs engine communication with server engine<br/>
_14:fixes for HTML emails and Link tasks with async job trigger<br/>
_13:fix for ServerBeat and shutdown process not always releasing the IP<br/>
_12:improvements to job engine to use less CPU when running events and scheduled jobs<br/>
_11:improvements to job engine communication to speed things up and prevent overloading issues<br/>
_10:SMB3 fixes for long delays on login/logoff, reading from zip files, and setting modified time of files<br/>
11.2.0<br/>
_9:fix for # characters in URLs<br/>
_8:added separate prefs controls for s3 uploaded_by and s3 md5<br/>
_7:fix same update popup notifications when there is no update, fix for url encoding of # character<br/>
_6:fix for never ban username not working<br/>
_5:added error checking for checking for updates to notify you if the server can't be reached<br/>
_4:updated SMB3 library with minor bug fixes<br/>
_3:fixes for share customizations and UI display issues<br/>
_2:fix for double url encoding on DMZ listings causing failures<br/>
_1:fix for javascript files not always downloading correctly<br/>
_0:Vulnerability patches for two different XSS exploits.  DMZ users are not affected by one of them.  CVE details will come later<br/>
_0:One XSS was related to a stored XSS vulnerability where an admin may trigger javascript at a later time, resulting in hidden changes being done from admin session<br/>
_0:2nd XSS was related to having a user click a specially crafted link...and if they were an admin, then hidden changes could be done from the admin session<br/>
_0:Updated SMB3 libraries for additional compatibility and bug fixes<br/>
<br/>
11.1.0<br/>
_0:VULNERABILITY PATCH FOR AUTHENTICATED SESSIONS.  DMZ users unaffected for now, but still should update immediately!<br/>
_1:fixed bug with admin actions being blocked<br/>
_2:fix bug with saving some jobs<br/>
_3:improved update status messages<br/>
_4:fixed Radius plugin so it works again<br/>
_5:many UI fixes for WebInterface shares and other minor UI tweaks.<br/>
_6:bug fix for HomeDirectory plugin in v11 not handling the user VFS config, and memory leak fix for Jobs engine<br/>
_7:improvements to Radius logging, and fix for replication allowing many threads to be opened when a replication server is not responding quickly<br/>
_8:fix for Radius based logins<br/>
_9:fix for MFA/OTP codes not displaying for entry on the WebInterface<br/>
_10:added logging for jobs engine communication object sizes<br/>
_11:fix for using DMZ for outbound connections in jobs and WebDAV fixes (reverted recent WebDAV changes)<br/>
_12:fix for using DMZ for outbound connections in jobs<br/>
_13:fix for jobs engine not honoring logging debug level<br/>
_14:fixed bug with S3Crush segmented downloads missing their last segment and downloads hanging<br/>
_15:fix issue with WebInterface not loading in _14<br/>
_16:fixes for URLs with special characters in the password due to changes starting with Java21 and WebInterface old code cleanup<br/>
_17:fix for IPs not always being tracked correctly in HTTP session<br/>
_18:rolled back password fixes for Java 21 that were causing problems for DMZ server connections<br/>
_19:rolled back IP changes for cookies, re-implemented password fixes for Java21<br/>
_20:fixed on remote job runs in managed agent, fix for sharepoint cache, rename retries for cut/paste, posix fix on VFS permissions, and renaming job fix for running jobs<br/>
_21:updated SFTP libraries to fix compatibility for some clients, fix for attaching files from remote locations in jobs, and fix for SMB3:// not being able to set modified time on files<br/>
<br/>
11.0.1<br/>
<b>Changes:</b><br/>
_11:jar file cleanup files<br/>
_12:updated javamail to latest, streamlined how SAML plugin operates to not need custom JVM flags<br/>
_13:updated all BouncyCastle jar files<br/>
_14:updated jQuery 1.12.1 to 1.13.2<br/>
_15:cleaned up old BouncyCastle jar files left over.<br/>
_17:cleanup of old beta code<br/>
_18:added some conditional Job logic capabilities<br/>
_19:re-written ServerBeat logic to handle more complex scenarios, as many priorities as needed, and as many servers as needed.<br/>
_20:updated BouncyCastle jars and SFTP libraries<br/>
_22:removed offending "bcprov-ext-jdk18on-1.78.jar" for being unsigned and causing all encryption activities to fail (Let'sEncrypt, SFTP, PGP, AS2, etc)<br/>
_23:improved Replication to avoid blocks when a server is offline<br/>
_25:the temporary acceptance of v10 codes in Crush v11 is no longer allowed, you must have an upgraded v11 code, not v10 code.<br/>
_26:architectural changes for the Replication with multiple servers and performance improvements for Jobs engine to server communication<br/>
<br/>
<b>Fixes:</b><br/>
_1:fixed recursive deletes on certain SMB3 servers<br/>
_2:fixed issues with WebSocket based transfers<br/>
_3:better logged in active session preservations across updates<br/>
_4:fixes for WebSocket based multiplexed downloads<br/>
_5:many fixes for WebSocket based transfers, and for Jobs engine running on Windows<br/>
_6:fix for pgp passwords stored in an old format<br/>
_7:fixes for WebSocket advanced upload/download and multi-threaded s3 downloads<br/>
_8:updated SFTP libraries to fix some StrictKex compatibility issues<br/>
_9:fixed problem where JOB_BROKER was stealing the update process...prior to _9 you may need to do a full restart</br>
_10:fixed I forgot my Password link not working.  There have also been fixes related to the ad-hoc sharing panel.<br/>
_13:fixed stop/pause/resume button not working on jobs<br/>
_16:fixed bug with email based PGP keys that were imported and had invalid names<br/>
_18:fixed proxy_protocol_ftp_pasv code that was not ported forward from v10<br/>
_21:changed how BouncyCastle is globally loaded<br/>
_24:fixed jobs to preserve sftp private key between find/copy steps<br/>
_27:fixes bug where user variables were not present in events they triggered<br/>
_28:fixes for jobs not running<br/>
_29:fixed some memory leaks related to replication and jobs engine<br/>
_30:fixed the restore user menu in the UserManager for difference User Connection Groups scenarios<br/> 
<br/>
<br/>