Version 9.4.0

What's New?


CrushFTP 9.4 has been released!


Overall 9.4 has important security updates and bug fixes. This is the last planned v9 release as v10 release is imminent.

Changes since v9.3.0
New:
_0:released
_6:added flag for ssh_disable_rsa_checks to allow insecure rsa keys...for now
_6:updated ssh libraries to the latest
_8:added web calls for encrypting a password in different types
_12:faster reset password username lookup
_17:improvements to user manager limited admin role limitations
_21:added controls for keepalive ssh itnerval and ssh idle auth timeout
_22:pass ssh client header info through DMZ to internal server
_24:faster DMZ v3 restarts
_26:added DMZ v4 mode for more compatibility with firewalls
_28:updated jAdaptive SSH libraries to improve SSH tunnels
_29:updated jAdaptive SSH libraries again to improve SSH tunnels
_33:re-updated SFTP libraries for improved ssh tunnel operations
_37:rolled back SFTP libraries due to memory and CPU issues
_39:fix for putty private keys
_41:added flag for sftp_round_seconds_up
_42:added multithreaded LDAP reverse querying for faster results and controls to determine if forward or reverse is used
_43:added experimental support for new DMZ protocol
_44:improvements for DMZv5
_46:web calls to encryptPassword by default uses server config now
_50:improved logging for blocked filename patterns
_55:added otp_numeric flag
_57:added logging of cipher suites to logs for SSL/TLS protocols and file based filtering
_61:reduce failure scenarios when thread max for the JVM is hit
_65:updated logging libraries for SFTP

Fixes:
_0:Fix for vulnerability for the WebInterface on server's not using the DMZ feature
_1:Fix for WebInterface folders not working when sym-linked
_2:Fix for WinSCP uploads with .filepart not always being tracked correctly for upload events
_3:fix for WebInterface not loading under some configurations
_4:fix for memCache and search not functioning correctly.
_5:fix for how RFile launches
_6:fix for missing ripemd160 HMAC in SSH
_7:fix for error when renaming a user in the user manager
_9:fix for stuck SMB3 sessions on logout and expire password notifications not going out on second occurrence
9.3.2
_10:fix for security issue with SelfRegistration
_11:fix for default PGP cyphers
_13:fix for LDAP plugin failing to create a VFS on login
_14:changed rounding of seconds for SFTP to standardized rounding
_15:fix for DMZ BASIC AUTH popup in DMZ
_16:fix for blocked IPs for a brief moment after an unrelated IP was banned
_18:fix for attaching files in shares
_19:fix for CSV cumulative imports
_20:fix for DMZ tmp cleanup files on v3
_25:fix for s3 VFS connections when using SFTP client
_27:fix for DMZ v1 mode not starting correctly
_30:rolled back SFTP library changes due to compatibility issues
_31:faster login performance and fix for replication failing with SocketOutputStream error
_34:faster DMZv4 restart recovery
_35:cleans up old sockets faster on internal server restarts with DMZ mode
_36:updated SFTP libraries again for more bug fixes
_38:re-updated SFTP libraries with a fix for memory issues
_40:rolls back to previously known good SFTP library version to fix CPU issues
_43:fixes for bad SFTP servers with a * at the end of the filename
_45:fixes for sockets for DMZv5
_47:fixes for DMZ triggering invalid password alerts when its only looking up user information
_48:fix for passwordEncryption in the Preferences storing incorrect hashes.
_49:fix for SAML when no groups are specified doing invalid user validation
_51:removed log4j to fix sftp logging bugs
_52:fix for replication playback referencing the wrong paths
_53:fixes for DMZv5 trusted IP for DMZ connections and socket timeout fixes
_54:fixes for DMZv5 and firewall killing idle sockets
_56:fix for journaling rename bug
_58:fix for statistics DB deletion of expired records
_59:fix for out of order close operations leaving behind partial files
_60:fix for patterns with + in the source filter in Jobs
_62:fixes for limited admin specific permission granting and violation errors
_63:fix for uploads failing if an event was configured
_64:fix for DMZ v5 deadlock scenario on dead socket
_66:fix to turn off FZ SSL workaorund for TLSv1.3
_67:generic fix for FZ TLSv1.3 bug to handle all scenarios
_68:idle timer cleanup for compatibility with older CrushFTP instances, and multi-threaded rename bug fix
_69:fix for http ports not allowing connections for some people after build _68
_70:fix for rename bug introduced in _68, _69
_71:fix for WebInterface not loading with bad cookie
_72:fix for WebInterface not loading with bad cookie
_73:memory leak fix for versions 9.3.2_68 to 9.3.2_72