Version 11.3.2_0

<br>
11.3.2 mainly has an security patches and library updates to help with SMB3 connections.  ServerBeat bug fix for servers out of sync on their time, Jobs engine improvements in efficiency, and WebSocket optimizations<br/>
<h2>CrushFTP 11.3.2 been released!</h2><br>
<br/>
11.3.2<br/>
_0:Updated JNQ library for improved Amazon FsX compatibility<br/>
11.3.1<br/>
_32:fix for ServerBeat getting out of sync when server clocks are off by more then 5 seconds<br/>
_31:TOTP has enhancements to allow for SHA256 instead of SHA1...if you use an authenticator app that uses SHA256 (totp_hash_algorithm in prefs.XML)<br/> 
_30:fix for auto update for all daily builds being ignored<br/>
_29:better error displays for WebSocket upload info, faster canceling of uploads, faster cancel and re-upload of same files in WebInterface, updated jar libraries<br/>
_28:fix for AS2 MDN responses coming through DMZ<br/>
_27:fix for WebSocket downloads that are overwhelming a client browser...now uses dedicated socket for acking chunks<br/>
_26:fix for clearing out all old job engine history after applying an update, faster job engine communication, and WebSocket upload/download stability improvements<br/>
_25:improvements to job engine communication, clearing old objects, and webdav improvements<br/>
_24:fix for ConenctionProfiles and limited admin not understanding an item is a connections profile<br/>
_23:fix for purging expired users and replication...race condition could break groups.XML or inheritance.XML<br/>
_22:fix for single ServerBeat server without any functional pair servers...it will still become master<br/>
_21:fix timeouts on sockets for replication, DMZ, and ServerBeat  not correctly honoring the expected timeout for a failed connection<br/>
_20:fix for uploads not allowing re-upload of the same filename in the same session<br/>
_19:fix for OIDC and OAUTH buttons on login screen not working<br/>
_18:fix for TempAccounts and VFS permissions when using MFA via DMZ<br/>
_17:added ability to do a mass hashing of passwords on users<br/>
_16:increased logging on all cloud protocols and improved error handling on cloud protocols.  (S3,OneDrive,Box,etc)<br/>
_15:improved feedback for slow azure uploads via WebInterface and improved JobEngine connections and closures<br/>
_14:improved job caching to save and reload local cache info avoiding need to re-cache on any restart<br/>
_13:improved job handling by utilizing cached job listing instead of making a new request every time<br/>
_12:fixed how various reports show user information across multiple User Connection Groups<br/>
_11:updated SMB libraries to fix issue with FSX servers and other special cases<br/>
_10:fix for blocking uploads for certain filename patterns that didn't match what we expected<br/>
_9:added support for un-archiving .tar and .tar.gz using the Unzip task<br/> 
_9:added support for .tar, tar.gz, .7z archive creation using the Zip task<br/>
_8:updated Let'sEncrypt HTP connection handling<br/>
_7:added user created date filter for the User Usage report<br/>
_6:authentication fix (Credit:Outpost24) and event path trigger handling fixes<br/>
11.3.0<br/>
_5:updated SFTP library for some minor bug fixes<br/>
_4:s3 engine improvements and kms server side encryption fixes for amazon<br/>
_3:added ability to check encrypted sizes on SMB3:// locations for PGP downloads and reporting accurate size info.  smb3_check_encrypted_header flag<br/>
_2:update thread name with current job info for better debugging<br/>
_1:added file extensions for WebInterface download blocking<br/>
_0:released<br/>
<br/>
11.2.3<br/>
_27:updated SMB library to latest with many bug fixes and resolves MFA issues with SFTP through DMZ<br/>
_26:removed outdated UniSSO plugin<br/>
_25:fixes for MFA and expired passwords, download restrictions with zips, and limited admin directory navigation when multiple levels deep<br/>
_24:fix for upcoming share expiration notices<br/>
_23:fix for folder listings<br/>
_22:fixed expired passwords for SFTP not allowing client to change password<br/>
_21:fixes issue with double results of items in emails from events (not CrushTask)<br/>
_20:fixes logging bug created in build _19<br/>
_19:added flag daily_check_and_auto_update_on_idle to prefs.XML to allow for automated daily updating<br/>
_18:fixed bug with PGP keys not being loaded from the keystore correctly for the PGP task in jobs<br/>
_17:certificate export now correctly creates a zip of the der and pem encoded files<br/>
_16:supports limited admin utilizing connection profiles for remote VFS items<br/>
_15:better usage of our own hostname for ServerBeat and replicated servers (ignores our own hostname)<br/>
_14:fix for unzip logic and its retries in jobs<br/>
_13:updated apache commons jars to help with compression algorithm updates<br/>
_12:performance fix for webdav connections<br/>
_11:fix for geoip country banning<br/>
_10:various fixes and enhancements for PGP key management (rename, permanent delete, restore, hide deleted, change keystore password)<br/>
_9:added global geoip blocking options for the server<br/>
_8:Initial OIDC support added<br/>
_7:fixes for LinkTask when running on other servers<br/>
_6:fix for allowing jobs to run on the DMZ via a link task from the internal server Job Scheduler<br/>
_5:fix for paste actions in the WebInterface reporting an error<br/>
_4:fix for DMZ not tracking archived dashboard history snapshots<br/>
_3:share reporting fixes<br/>
_2:possible fix for cloudflare HTTP requests that CF destroys the chunked handling on<br/>
_1:improved job engine communication when working with large jobs, much more CPU and memory friendly<br/>
_0:released.  password reset link vulnerability fix (CVE-2024-53552 - credit Stratascale Cyber Research Unit (CRU) team) and (CVE-2024-11986 - credit European Commission, Application Security Testing Services) 11/11/2024<br/>
11.2.2<br/>
_13:fixed bug with job scheduler not always enforcing one job running at a time.
_12:fixed bug related to cookie being tied to source IP<br/>
_11:added ability to re-route socket to another port based on IP banning rules<br/>
_10:attempting to fix version update cache issues with the WebInterface...browsers should stop having issues.<br/>
_9:fix for radius using PAP not giving a proper timeout message when bad credentials are used<br/>
_9:fix for MFA/OTP tokens with SFTP logins<br/>
_8:added sign and digest method to SAML plugin<br/>
_7:fixed automated update system to not leave behind tmp files on windows<br/>
_6:added flag for making SMB3 use old DNS resolution config (smb3_old_resolve_settings)<br/>
_6:added flag for all http connections to sue proxy (use_proxy_setings_for_all_http_call)<br/>
_5:added signing method to SAML plugin, default is still SHA1<br/>
_4:added config for SAML on Canonicalization Method and fixes bug with WinSCP and .filepart extensions for job flows<br/>
_3:fix for MFA tokens when going through DMZ<br/>
_2:improved update system to handle routing through DMZ or Internal server if one side is blocked and simplified the update mechanism<br/>
_1:remote job engines now use SSL for communication<br/>
_0:new version of SMB3 libraries to address slowness in DNS/reverse DNS resolution for shares<br/>
<br/>
11.2.1<br/>
_23:bug with server engine not passing responses to things back to jobs engine<br/>
_22:fixed bug with logging for jobs<br/>
_21:fixed invalid references to {path} variable in events</br>
_20:More improvements to Jobs engines running remotely<br/>
_19:Jobs engine has support for a pool of job servers now, no change for existing users by default, wiki articles coming soon.<br/>
_18:fixed an issue with memory leak of log data not being cleared in jobs engine<br/>
_17:converted update system to use our own HTTPClient mechanism to better support HTTP proxies for outbound connections<br/>
_16:fix for not getting login page but instead getting access denied page when you have a bad cookie<br/>
_15:efficiency improvements to jobs engine communication with server engine<br/>
_14:fixes for HTML emails and Link tasks with async job trigger<br/>
_13:fix for ServerBeat and shutdown process not always releasing the IP<br/>
_12:improvements to job engine to use less CPU when running events and scheduled jobs<br/>
_11:improvements to job engine communication to speed things up and prevent overloading issues<br/>
_10:SMB3 fixes for long delays on login/logoff, reading from zip files, and setting modified time of files<br/>
11.2.0<br/>
_9:fix for # characters in URLs<br/>
_8:added separate prefs controls for s3 uploaded_by and s3 md5<br/>
_7:fix same update popup notifications when there is no update, fix for url encoding of # character<br/>
_6:fix for never ban username not working<br/>
_5:added error checking for checking for updates to notify you if the server can't be reached<br/>
_4:updated SMB3 library with minor bug fixes<br/>
_3:fixes for share customizations and UI display issues<br/>
_2:fix for double url encoding on DMZ listings causing failures<br/>
_1:fix for javascript files not always downloading correctly<br/>
_0:Vulnerability patches for two different XSS exploits.  DMZ users are not affected by one of them.  CVE details will come later<br/>
_0:One XSS was related to a stored XSS vulnerability where an admin may trigger javascript at a later time, resulting in hidden changes being done from admin session<br/>
_0:2nd XSS was related to having a user click a specially crafted link...and if they were an admin, then hidden changes could be done from the admin session<br/>
_0:Updated SMB3 libraries for additional compatibility and bug fixes<br/>
<br/>
11.1.0<br/>
_0:VULNERABILITY PATCH FOR AUTHENTICATED SESSIONS.  DMZ users unaffected for now, but still should update immediately!<br/>
_1:fixed bug with admin actions being blocked<br/>
_2:fix bug with saving some jobs<br/>
_3:improved update status messages<br/>
_4:fixed Radius plugin so it works again<br/>
_5:many UI fixes for WebInterface shares and other minor UI tweaks.<br/>
_6:bug fix for HomeDirectory plugin in v11 not handling the user VFS config, and memory leak fix for Jobs engine<br/>
_7:improvements to Radius logging, and fix for replication allowing many threads to be opened when a replication server is not responding quickly<br/>
_8:fix for Radius based logins<br/>
_9:fix for MFA/OTP codes not displaying for entry on the WebInterface<br/>
_10:added logging for jobs engine communication object sizes<br/>
_11:fix for using DMZ for outbound connections in jobs and WebDAV fixes (reverted recent WebDAV changes)<br/>
_12:fix for using DMZ for outbound connections in jobs<br/>
_13:fix for jobs engine not honoring logging debug level<br/>
_14:fixed bug with S3Crush segmented downloads missing their last segment and downloads hanging<br/>
_15:fix issue with WebInterface not loading in _14<br/>
_16:fixes for URLs with special characters in the password due to changes starting with Java21 and WebInterface old code cleanup<br/>
_17:fix for IPs not always being tracked correctly in HTTP session<br/>
_18:rolled back password fixes for Java 21 that were causing problems for DMZ server connections<br/>
_19:rolled back IP changes for cookies, re-implemented password fixes for Java21<br/>
_20:fixed on remote job runs in managed agent, fix for sharepoint cache, rename retries for cut/paste, posix fix on VFS permissions, and renaming job fix for running jobs<br/>
_21:updated SFTP libraries to fix compatibility for some clients, fix for attaching files from remote locations in jobs, and fix for SMB3:// not being able to set modified time on files<br/>
<br/>
11.0.1<br/>
<b>Changes:</b><br/>
_11:jar file cleanup files<br/>
_12:updated javamail to latest, streamlined how SAML plugin operates to not need custom JVM flags<br/>
_13:updated all BouncyCastle jar files<br/>
_14:updated jQuery 1.12.1 to 1.13.2<br/>
_15:cleaned up old BouncyCastle jar files left over.<br/>
_17:cleanup of old beta code<br/>
_18:added some conditional Job logic capabilities<br/>
_19:re-written ServerBeat logic to handle more complex scenarios, as many priorities as needed, and as many servers as needed.<br/>
_20:updated BouncyCastle jars and SFTP libraries<br/>
_22:removed offending "bcprov-ext-jdk18on-1.78.jar" for being unsigned and causing all encryption activities to fail (Let'sEncrypt, SFTP, PGP, AS2, etc)<br/>
_23:improved Replication to avoid blocks when a server is offline<br/>
_25:the temporary acceptance of v10 codes in Crush v11 is no longer allowed, you must have an upgraded v11 code, not v10 code.<br/>
_26:architectural changes for the Replication with multiple servers and performance improvements for Jobs engine to server communication<br/>
<br/>
<b>Fixes:</b><br/>
_1:fixed recursive deletes on certain SMB3 servers<br/>
_2:fixed issues with WebSocket based transfers<br/>
_3:better logged in active session preservations across updates<br/>
_4:fixes for WebSocket based multiplexed downloads<br/>
_5:many fixes for WebSocket based transfers, and for Jobs engine running on Windows<br/>
_6:fix for pgp passwords stored in an old format<br/>
_7:fixes for WebSocket advanced upload/download and multi-threaded s3 downloads<br/>
_8:updated SFTP libraries to fix some StrictKex compatibility issues<br/>
_9:fixed problem where JOB_BROKER was stealing the update process...prior to _9 you may need to do a full restart</br>
_10:fixed I forgot my Password link not working.  There have also been fixes related to the ad-hoc sharing panel.<br/>
_13:fixed stop/pause/resume button not working on jobs<br/>
_16:fixed bug with email based PGP keys that were imported and had invalid names<br/>
_18:fixed proxy_protocol_ftp_pasv code that was not ported forward from v10<br/>
_21:changed how BouncyCastle is globally loaded<br/>
_24:fixed jobs to preserve sftp private key between find/copy steps<br/>
_27:fixes bug where user variables were not present in events they triggered<br/>
_28:fixes for jobs not running<br/>
_29:fixed some memory leaks related to replication and jobs engine<br/>
_30:fixed the restore user menu in the UserManager for difference User Connection Groups scenarios<br/> 
<br/>
<br/>