Version 10.7.1_39

<html><body>
10.7.1 patches a serious vulnerability for authenticated users.  Otherwise its identical to 10.6.1.<br/><br/><br/>
<b>New:</b><br/>
_0:released with important security updates for SSH<br/>
_0:cbc and chacha20poly1305 ciphers disabled by default, can be re-enabled via prefs.XML flags: sftp_allow_cbc_ciphers,sftp_allow_chacha_ciphers<br/>
_0:updated SSH libraries, removed chacha20poly1305 and cbc ciphers for outbound SFTP connections.<br/>
_5:changed default QR code generator to be a local system instead of the google API as theirs is being deprecated<br/>
_7:added support for Let'sEncrypt to handle proxy protocol HTTPS port and http redirect to HTTPS port issues.  Also allow ignoring http header error.<br/>
_13:added support for experimental distributed jobs engine<br/>
_15:updated SFTP library to final version<br/>
_16:added prefer_ipv6 prefs flag to make Crush prefer resolving to ipv6 instead of ipv4 for DNS<br/>
_25:jar file cleanup, updated javamail to latest, SMB3 libraries to latest, streamlined SAML plugin to not require custom java JVM flags<br/>
_29:re-written ServerBeat logic to handle more complex scenarios, as many priorities as needed, and as many servers as needed.<br/>
_32:updated BouncyCastel jars and SFTP libraries<br/>
_33:removed offending "bcprov-ext-jdk18on-1.78.jar" jar causing encryption to fail (LetsEncrypt, PGP, SFTP, AS2, etc.)<br/>
_34:VULNERABILITY PATCH FOR AUTHENTICATED SESSIONS.  DMZ users unaffected for now, but still should update immediately!<br/>
<br/>
<br/>
<b>Fixes:</b><br/>
_0: https://terrapin-attack.com/ KEX changes, and Cipher changes to mitigate, as well as supporting the new KEX protocol (CVE-2023-48795)<br/>
_0:LDAP references to home folders that utilize the login password are ignored during SFTP SSH public key lookups now<br/>
_1:fix for very slow memory leak with DMZ communication channel<br/>
_2:workaround for reset password being blocked for some scenarios<br/>
_3:updated SMB3 library with some auth fixes<br/>
_4:fix for dir listing bug in WebInterface<br/>
_6:fix for proxy_protocol_ftp_pasv and ssl<br/>
_7:fix for XSS vulnerability in a specially crafted link for an already authenticated user.  Credit: Code Guardian<br/>
_8:fix for OTP working through DMZ scenario<br/>
_9:fix for ssl port and proxy_protocol_ftp_pasv<br/>
_10:updated SSH libraries with a fix for StrictKEX and some old server implementations (terrapin regression fix)<br/>
_11:rolled back sftp libraries due to StrictKex issues<br/>
_12:updated SFTP libraries again to fix the terrapin StrictKex compatibility issue on the server<br/>
_14:fixes for azure double encoding sisues for special characters<br/>
_17:fixed bugs related to S3Client headers<br/>
_18:fixed bug with LDAPS not finding a required class<br/>
_19:fixed bug with StatsDB, SyncDB, SQLUsers...all not finding their JDBC driver class<br/>
_20:fix for s3 not properly tracking new folders and allowing access to new folders<br/>
_21:fix for share links having invalid encrypted URLs<br/>
_22:fixed recursive deletes on folders on certain SMB3 servers<br/>
_23:fix for pgp passwords stored in an old format<br/>
_24:updated SFTP libraries to fix some StrictKex compatibility issues and case sensitive username issue<br/>
_26:fix for Let'sEncrypt log errors filling up the logs (regardless of the fact if you use it or not)<br/>
_27:removed old google charts API for QR codes<br/>
_28:cleanup of old beta code<br/>
_30:fix for ServerBeat bug in _29 preventing jobs from running<br/>
_31:fix for no serverbeat configured blocking jobs/letsencrypt<br/>
_34:fixed the restore user menu in the UserManager for difference User Connection Groups scenarios<br/> 
_35:fix for some admin areas not allowing saves<br/>
_36:fix for some jobs not allowing saves<br/>
_37:fixed Radius plugin so it works gain<br/>
_38:fixed bug with SSL not loading due to a typo in the BouncyCastle library names<br/>
_39:changed how Radius plugin loads to prevent conflicts with LetsEncrypt and PGP<br/>
<br/>
<hr/>
<br/>
<b>10.5.1, 10.5.5 have critical security patches *EVERYONE* needs to install ASAP!</b><br/>
<br>
<b>New:</b><br/>
_0:released with important fixes for SMB3 library compatibility<br/>
_14:improvements to hack username checks for immediate bans<br/>
_15:enhancements to the OneDrive protocol to improve upload speeds<br/>
_16:DB drivers can no longer be dynamically loaded and must be part of your plugins/lib folder (change for upcoming CVE)<br/>
_23:more efficient multithreaded asynchronous quota workers<br/>
_24:10.5.3:updated SFTP libraries for client and server components.  Updated SMB3 libraries to latest.<br/>
_33:async quota workers share between replicated servers their work<br/>
_36:added flag to force proxy protocol on FTP pasv ports too<br/>
_37:added config control for "max_ftp_auth_secs" and default changed from 120 to 20</br>
_44:10.5.6 has updated SSH libraries to patch an SSH vulnerability. (not Crush, but same effect in the end.) https://eprint.iacr.org/2023/1711.pdf <br/>
_49:sftp session logs now get tied to the user's session individually making debugging issues much much easier..as well as the global log for tracking issues<br/>
<br/>
<b>Fixes:</b><br/>
_1:fixed missing thread names on PGP encrypt/decrypt streams<br/>
_2:fix for blocked thread on replication of prefs/users/jobs/reports/etc preventing future updates<br/>
_3:new pgp library to fix speed issues with pgp ascii armor<br/>
_4:fix for starting up job schedules when there are lots of jobs scheduled for the same minute<br/>
_5:fix for a rare scenario where a FILE item gets treated as a folder during a Copy task<br/>
_6:fix for job scheduler possibly skipping a minute when under extremely super high load<br/>
_7:fix for security issue awaiting disclosure.10.5.0 and 10.5.1 are the same, just version bump for notifications.  Credit Ryan Emmons<br/>
_8:performance improvement for many jobs running at the same time<br/>
_9:job scheduling fix for daily/weekly/monthly jobs skipping a day/month/week potentially</br>
_10:updated SFTP libraries to fix private key loading issue for very old key formats using sshtools<br/>
_11:another fix for weekly job runs to calculate the correct next run time on new saves of a job<br/>
_12:fix for multi-segmented transfers and PGP instream changes<br/>
_13:fix for Azure connections that don't get cleaned up until logout of a client which uses memory when they uploads lots of little files<br/>
_17:fix for connecting to statisticsDB when not using Derby (builtin)<br/>
_18:fix for zipstream uploads not extracting correctly with corrupted files<br/>
_19:fix for when SFTP clients open many channels on one connection and logout before all file transfers are finished<br/>
_20:fixes for share button in WebInterface not showing, and additional log details for CrushTasks of protocol errors<br/>
_21:fix for SMB3 not using the correct ModifiedTime on files and causing issues for Find tasks in jobs<br/>
_22:fix for replication on a new server that doens't have a groups.XML or a inheritance.XML file<br/> 
_24:fixes for kerberos and NTLM auth issues related to SMB3 servers<br/>
_25:fixed 1st bug with memory leak on async quota and remote VFS items<br/>
_26:fixed 2nd bug with memory leak on async quota and remote VFS items<br/>
_27:fixed bug with memory leak with bad S3 VFS items<br/>
_28:10.5.4 fixes a bug related to alerts where a server admin could execute a local process in an unexpected way (there are other allowed ways, so this isn't a vulnerability)<br/>
_29:fix for WebInterface index.html cache and slow DMZ login page loading for some people, and possible memory leak for SFTP connections<br/>
_30:fix for SAML bug where the plugin's logging was disabled<br/>
_31:possible memory leak fix for certain sftp scenarios<br/>
_32:same as #31, different approach<br/>
_34:fix for dmz not responding with failed login response when the internal server wouldn't even honor the request for bad logins (fake admin)<br/>
_35:fix for File VFS items instead of folder VFS items in the User Manager<br/>
_37:10.5.5 release with three critical vulnerability fixes: Credit to: The UK's National Cyber Security Centre (NCSC).  Details will follow soon.<br/>
_40:fixed some missing variables in FTP responses<br/>
_41:fix for SFTP logins timing out<br/>
_42:implemented fix for multiple SFTP ports and race conditions for logins being tied to the wrong server port<br/>
_43:fix for password encryption breaking the save button in the Jobs area<br/>
_44:fixes DMZ user issues<br/>
_45:updated SSH libraries to fix a library compatibility issue causing RSA keys not to work for some people<br/>
_46:fix for password lookups with multiple User COnnection Groups configured<br/>
_47:potential fix for AS2 MDN async responses<br/>
_48:removed SSH session timeouts as its already handled by the user idle timeout of the User Manager (and this fixes bad SFTP clients)<br/>
<br/>
<br>
<hr/>
<br>
10.4.0<br/>
<b>New:</b><br/>
_0:released<br/>
_0:updated SFTP, SMB3, PGP libraries<br/>
_4:updated BouncyCastle libraries to latest 1.72 (used for PGP)<br/>
_5:changed how PGP encrypt/decrypt task works in a job for S3 locations to avoid any rename situations and just output the actual file<br/>
_8:updated SFTP libraries to improve KEX compatibility<br/>
_9:AzureClient now attempts multiple retries in case there i a temporary server issue, and added {0group}, {1gorup}, {group0} variables for user info<br/>
_16:SMB3 library updated to latest with improved kerberos support<br/>
_19:finished support for SOCKS5 protocol support.  user/pass auth, logging flag, and protocol control in user manager<br/>
_22:major improvements to job info caching and job monitoring, flag to disable job summary lookup on dashboard job_summary_on_dashboard<br/>
_24:removed some jars used for JMS, if you use JMS, you need to manually re-add some jars to keep JMS support.  This was required due to prior vulnerabilities in the older JMS jars.  See wiki.<br/>
_25:significantly sped up the Jobs viewer when dealing with thousands of Jobs.  Both in editing and saving jobs and in viewing prior run jobs<br/>
_32:added ability to do multiple jobs in testJobSchedule and changeJobStatus<br/>
<br/>
<b>Fixes:</b><br/>
_0:new SMB3 library fixes issues with Amazon FSX servers<br/>
_1:fix for some Tectia SSH servers and outbound SFTP connections from CrushFTP<br/>
_2:fix for ip restrictions and public key auth with SFTP<br/>
_3:2nd fix for ip restrictions and public key auth with SFTP<br/>
_6:fix for CopyTask bug with S3 locations and SFTP client not liking null characters in folder names</br>
_7:fix for CopyTask bug with S3 locations<br/>
_10:fix bug related to expire users inheriting from group user<br/>
_11:fix for jobs not running at their scheduled time when the system was too overloaded with job schedules to process<br/>
_12:fixed bugs related to Move task with folder structures and being on the same disk<br/>
_13:fixed bug with Move task when absolute paths had been used in Find task<br/>
_14:fixed bug with Move task related to certain event scenarios<br/>
_15:fix for merged VFS items now showing when out of sync with SMB/SMB3<br/>
_16:fix for multi-threaded Move task handling folder creations<br/>
_17:fix for move task leaving behind folders when the source was a FTP server location<br/>
_18:fix for WebInterface when using SQL user mode<br/>
_20:socks4/socks5 auth fixes<br/>
_21:fix for uploads failing with WebInterface<br/>
_22:fixes for search process with bad directories in the memCache<br/>
_23:fix for remote agentRegistration in a HA environment<br/>
_25:fix for broken java -jar CrushFTP.jar scenario due to a malformed manifest.mf file.  java -jar plugins/lib/CrushFTPJarProxy.jar was unaffected and still worked fine<br/>
_26:fix for connection pooling in CrushTask/Jobs with Copy/move steps not always doing pooling<br/>
_27:fixes for change password email delays<br/>
_28:minor SMB3 library update with some bug fixes<br/>
_29:fix for merged VFS download all items failing in certain scenarios<br/>
_30:socket usage improvements for Azure client protocol<br/>
_31:connections fixes for azure client<br/>
_33:rolled back JNQ SMB3 Library to prior version due to some connectivity issues for a customers<br/>
_34:fixed merged VFS scenario where all VFS items had different root names and zip download failed<br/>
_35:fix for failing dir listings caused by _34<br/>
_36:updated PGP supporting libraries to fix a PGP zipexception error on decrypt<br/>
_37:fix for DMZ server not allowing uploads for local accounts (pass through to internal was fine.)<br/>
<br/>
<br>
<hr/>
10.3.0<br/>
<b>New:</b><br/>
_0:released<br/>
_0:updated SSH libraries to support PUTTy v3 key type and support for ED448 key types<br/>
_5:added active_jobs_shutdown_wait_secs parameter to allow CrushFTP to wait for jobs to finish before allowing a friendly service shutdown</br>
_20:automatically disabled multi-segmented downloading when memory is low</br>
_21:updated SFTP libraries to latest version<br/>
_21:fix for FTPES uploads to FZ servers because they complain bout TLS closure and disagree with how java does it<br/>
_23:re-wrote the HTTPClient multi-segmented download handling to be more memory safe<br/>
_25:updated sftp libraries to latest version<br/>
_26:updated SMB3 libraries which had various bug fixes (deadlocks and better connection handling)<br/>
_28:validates SQL connections from the pool before using them for looking up user info when using SQL mode<br/>
_29:added ability to reload keystores for internal and dmz by making a local file 'reload_ssl'<br/>
_29:fix for a DOS related to password encryption, credit to Matt Moreschi<br/>
_31:updated JNQ SMB3 library with minor fixes<br/>
_33:triggers GarbageCollection before triggering low_memory level 3 alert...just in case memory really isn't that low<br/>
_35:added VFS items at login log line to help track VFS config in archived logs<br/>
_36:changes default for sftp to not use sftp_transport_blocking to improve compatibility<br/>
_37:updated SMB3 library for minor bug fixes<br/>
_43:added advanced list management capabilities to UserVariable task in Jobs.  See wiki CrushTask Functions<br/>
_44:allow deletion of read-only flagged files on SMB3...the same as Windows SMB allows<br/>
_45:updated to final sftp library update<br/>
_46:updating users with updated expiration date/time is now asynchronous<br/>
_53:support for JKS sharing between cluster nodes with Let'sEncrypt plugin.<br/>
_58:faster directory listings<br/>
_59:additional logging for CrushTask debugging<br/>
_61:added flags for 'ssh_client_*' in prefs.XML to control allowed ciphers, kex, and macs<br/>
<br/>
<b>Fixes:</b><br/>
_1:new memory tracking algorithm for html transfers to better track and fix memory consumption issues<br/>
_2:fix for delete on overwrite with similar named directory paths<br/>
_3:fix for slow memory creep when using multi segmented transfers through DMZ and slow downloads<br/>
_4:fix for sftp rename bug</br>
_6:fix for memory usage not being freed immediately when a multi segmented download transfer fails.<br/>
_7:fix for failing sftp downloads<br/>
_8:fix for failing sftp downloads<br/>
_9:fix for FTPS/FTPES outbound connections potentially having a thread leak<br/>
_10:fix for SFTP not honoring the lack of delete directory permission in some scenarios<br/>
_11:fix for LDAP plugins not properly honoring group membership<br/>
_12:fix for thread leak when running CrushFTP as a SFTP proxy<br/>
_13:CrushTask multi-threading fixes for Delete task and error catching for zip/copy tasks<br/>
_14:fix for DMZ UI not loading preferences<br/>
_15:fix for dmz memory usage for multi-segmented transfer downloads<br/>
_16:fix for dmz memory usage for multi-segmented transfer downloads<br/>
_17:fix for memory not being cleared quickly when an error is encountered on file download<br/>
_18:fix for html5 memory usage on DMZ for slow downloads<br/>
_19:fix for failing dmz downloads created by build _17.<br/>
_21:fix for SCP doubling filename when renaming file<br/>
_22:rolled back SFTP libraries<br/>
_24:fix for non-serializable item getting into areas where it should not have been<br/>
_27:fix for split_prefs and dmz servers for server_list items<br/>
_30:re-implemented window space control for SFTP to allow buggy JSCH implementations to not crash<br/>
_32:fix for memory race condition when allowing multi-segmented chunks download<br/>
_34:fix for job task item URL's loosing their final character<br/>
_37:fix for DMZ quota lookups<br/>
_38:updated sftp libraries for a fix for the 'paramiko' SFTP client<br/>
_39:rolled back sftp libraries..still has fix for paramiko, but not working at high performance level for now<br/>
_40:rolled back sftp libraries to last known stable version...<br/>
_41:updated sftp libraries to a new stable version that protects against a memory issue, and compatibility issues<br/>
_42:fix for Jobs loosing the path to items after their first copy was performed<br/>
_44:fix for an admin bug causing deletion of all users, credit for Jean Calvin Mugabo of Trustwave SpiderLabs<br/>
_47:fix for sharepoint VFS client<br/>
_48:fix for ignoring errors during a Move task<br/>
_49:fix for uploads not showing speed on dashboard<br/>
_50:added additional full disk protection for job scheduler<br/>
_51:fix for potential socket getting stuck in DMZv5 mode and all other sockets stuck behind it.<br/>
_52:fix for limited admin and using @AutoHost on server ports<br/>
_54:honors the hidden flag on SMB/SMB3 servers now<br/>
_55:fixed bug with proxy protocol v1/v2 and SFTP server ports hanging sometimes<br/>
_56:fix for routing connections through DMZ<br/>
_57:fix for SFTP public key auth with disabled user manager users<br/>
_58:fix for @AutoDomain limited administrators in the UserManager<br/>
_60:bug fix for overlapping settings config in CrushTask scenarios<br/>
_62:fixed issue where ssh_client_* parameters not used for Job configs (was VFS only)<br/>
_63:fixed missing encrypted url support for SQL mode storage of user configurations<br/>
_64:fix for items being lost for events when zipping on the fly with nested folders<br/>
<br/>
<br>
<hr/>
10.2.0<br/>
<br>
<b>New:</b><br/>
_0:released<br/>
_2:more efficient XML cache handling for user.XML loading<br/>
_3:more efficient FindTask execution by processing the filter while building the lists of items<br/>
_4:added support for SAML sub names<br/>
_6:added control for user manager to set 2nd factor requirement.<br/>
_12:CSP (Content Security Policy) improvements and fixes to give better scanning scores<br/>
_13:user session logs now capture session specific debug stack traces too<br/>
_14:SSH sessions track errors in user session logs now too<br/>
_15:support for zip on the fly MD5 calculations in logs<br/>
_17:added automated {heap_dump} capability and additional low memory alert types</br>
_20:DMZ will not start it server ports if the template user is missing or invalid<br/>
_20:updated faster-xml jackson libraries to latest<br/>
_21:DMZ template user is auto generated on first DMZ start</br>
<br/>
<b>Fixes:</b><br/>
_1:fix for making servers slow if they happened to be missing inheritance.XML or groups.XML as it attempted to search for them<br/>
_3:fix for Find task duplicating items when it runs in a loop waiting for files to appear matching criteria<br/>
_7:fixes for special characters in filenames for azure<br/>
_8:added automatic fallback method for SMTP servers to fallback on TLS versions in case they don't support more modern versions<br/>
_9:fixed issues with saml_assertion_subname to allow differentiating SAML configurations<br/>
_10:fixes for WebInterface login page prepending a slash to usernames or not functioning at all<br/>
_11:Carlo Di Dato and Francesco Gnocchi for Deloitte Risk Advisory Italy discovered an XSS issue that has been fixed.<br/>
_12:fix for SMB3 and non existent file downloads<br/>
_14:fix for spaces in folder names when using certain admin controls<br/>
_16:fix for SFTP port counter growing when using proxy protocol v1/v2.<br/>
_16:fix for SAML not working when going through DMZ<br/>
_18:fix for scan_vfs_for_initial_listing flag causing problems for single file share items<br/>
_19:added fix for same userid opening second session and overwriting file that was in sue in the prior session<br/>
_20:fix for Azure password  char encoding issue<br/>
_22:fix for sockets getting stuck in some scenarios with proxy protocol v1<br/>
_23:fix for ascii PGP uploads getting a PGP trailer for size added on them<br/>
<br/>
<br>
<hr/>
10.1.0<br/>
<br/>
<b>New:</b><br/>
_0:released<br/>
_0:<a href="https://www.crushftp.com/crush10wiki/Wiki.jsp?page=CrushFTP10New">CrushFTP v10 New Features</a><br/>
_1:added support for chacha20-poly1305@openssh.com cipher and curve25519-sha2@libssh.org for KEX in SFTP<br/>
_1:Updated SFTP libraries to latest<br/>
_2:changed SFTP client to default to doing a "ls" command with blank value instead of ".".  Controlled by pref: sftpclient_ls_dot<br/>
_4:partial white labeling support<br/>
_5:implemented newer SMB3 library version with some additional bug fixes for DFS<br/>
_8:log memory buffering improvements<br/>
_15:added new vfs bad config alert type<br/>
_16:added GROUPBY capability to CrushTask Jump<br/>
_22:added test keystore buttons for AS2 certificates and added SSH character encodings to SFTP sessions control<br/>
_24:changed replication to sue path from the URL and not the entire URL</br>
_25:updated SMB3 library to latest version<br/>
_33:added custom char encoding for outbound SFTP connections<br/>
_36:updated log4j library from 1.2.17 to v2.16 even though it was NOT vulnerable.  This is not a security patch, its just to appease security departments.<br/>
_37:better public key validation when two factor is enabled (more compatible with sftp clients)<br/>
_39:updated log4j libraries to 2.17 due to other issues which don't affect CrushFTP...<br/>
_40:updated jars across various areas to more current versions (letsencrypt,hadoop)<br/>
_41:added ecdsa and ed25519 server host key support for SFTP (defaults to enabled)<br/>
_43:automatically remove invalid or dead linked events when saving a user<br/>
_46:updated log4j to 2.17.1 libraries<br/>
_47:added change phone option and OTP valid for X days<br/>
_48:logging improvements for alerts<br/>
_49:added faster native md5sum calculations on file transfers<br/>
_50:changed update idle behavior to update DMZ first, then update main, and updated log4j to 2.17.1 to appease organizations that don't understand its usage in CrushFTP<br/>
_51:faster Windows UNC dir listings and added created time for listings on FILE:// locations in WebInterface<br/>
_52:end user ability to subscribe to <a href="https://www.crushftp.com/crush10wiki/Wiki.jsp?page=ReverseEvents">reverse event notifications.<a/></br>
_56:added ability to do dual banning mode for hammering passwords, first by username, then by IP.  Separate dual mode items with comma.<br/>
_58:added password blacklist file support<br/>
_59:added additional login frequency failure alert info<br/>
_62:updated PGP libraries for additional key compatibility<br/>
_65:new build of Let'sEncrypt plugin with improved handling of errors<br/>
_66:updated SMB3:// libraries with JNQ<br/>
_67:ldap cache now applies to users and groups<br/>
_70:added performance metrics checking for quotaWorker at startup to reduce server load<br/>
_71:improved thread dumps for HTML5Downlaod transfers<br/>
_73:added support for rename overwrite to HTTPClient to help with multi_journal<br/>
_75:fix for Citrix LoadBalancers not knowing how to properly do ProxyProtocolV1 so CrushFTP has to do magic to make the proxy header come through for SFTP<br/>
_77:speed improvements for Azure and storage class controls for S3<br/>
_79:memory usage throttling for segmented downloads improved</br>
_82:updated SMB3:// libraries to use the latest version.<br/>
<br/>
<b>Fixes:</b><br/>
_2:fixes for OneDrive VFS protocol<br/>
_3:fix for AzureClient<br/>
_6:fix for async quota using a lot of CPU<br/>
_7:fixes for async quota and parent quota dir configurations<br/>
_9:fix for incorrect s3 listings under simultaneous listings from multiple clients<br/>
_10:fix for restart bug on Windows where service did not auto restart (since build_4 roughly)<br/>
_11:fix for sending dmz logs to internal server sometimes stopping<br/>
_12:fix for SMB DFS, to keep it enabled if its ever toggled enabled<br/>
_13:SMB DFS defaults to enabled for "smb://" protocol now.<br/>
_14:fix for PGP encrypt job not detecting failures correctly and zip/unzip tasks not handling dfs_enabled flags.</br>
_16:XSS mitigation for user manager admin accounts<br/>
_17:fix for rename failures with SMB and PGP task, attempts a copy/delete source if encountered<br/>
_18:faster failures through DMZ for bad VFS configurations<br/>
_20:fixes for http errors being relayed to CrushClient<br/>
_21:fixes for async quota calculations and logging more information<br/>
_22:fixes for quota results through DMZ<br/>
_23:fix for AS2 incoming issues due to BouncyCastle jar updates<br/>
_24:fix for AS2 sends to HTTP URLs (only HTTPS) were allowed<br/>
_25:fixed VFS replication URLs to only look at the path of the URL and not compare entire URL<br/>
_26:fix for Radius not working due to missing old library from BouncyCastle<br/>
_27:fix for login failures<br/>
_28:fix for generating SSL keystores not working due to missing old library from BouncyCastle</br>
_29:fix for broken share by reference in certain scenarios<br/>
_30:fix for cached time stamps on newly uploaded files via SFTP<br/>
_31:fix for TEXT mode in SFTP v4 clients<br/>
_32:additional support for custom runtime system properties (proxy for updating, etc)<br/>
_34:fix for outbound ftp client connections in active mode</br>
_35:fix for thread leak in outbound ftp client connections<br/>
_38:fix for LetsEncrypt and log4j issues due to missing jars<br/>
_40:fix for out of sync md5 hashes for CrushClient uploads across multiple threads<br/>
_40:fix for viewing recent jobs on a server that has a different time zone than the browser<br/>
_42:fixed bug with UI not showing ecdsa and ed25519 keys were enabled when they were (enabled by default)</br>
_44:fix for MicrosoftMail being more restrictive on Content-Type headers<br/>
_45:fix for events being deleted when editing a user<br/>
_48:fix for alerts being triggered on hack usernames<br/>
_53:fix for FTP downloads with zip on the fly<br/>
_54:fix for download as zip when going through DMZ and using segmented downloads<br/>
_55:fix for subdir quotas with async_quota enabled<br/>
_57:fixes for variable replacements in alerts<br/>
_58:fix for OTP validation<br/>
_60:fixes for alerts on login frequency<br/>
_61:fix for update when idle for DMZ<br/>
_62:fix for AS2 jobs getting stuck<br/>
_63:fix for PGP private keys for decryption failing<br/>
_64:re-published fix for AS2 jobs getting stuck as build _62 did not publish correctly<br/>
_66:fix for SAML XML signing order of the Signature tag being before the Issuer tag<br/>
_67:fix for html5 transfer memory leak in specific scenarios<br/>
_68:fix for additional html5 download memory leak<br/>
_69:fixes for missing username in some alerts and missing failed port startup log entries<br/>
_72:updated SFTP libraries to fix compatibility with Azure SFTP server<br/>
_73:fixes for Azure client being too slow to handle quick uploads<br/>
_74:fix for case insensitive CSRF token<br/>
_76:fix for plugin based logins not functioning<br/>
_78:fix for proxy protocol v1/v2 with SSL ports<br/>
_80:fixes for Find task logging and logic for skipping 2nd listing, and fix for memory issues in segmented downloads through the DMZ<br/>
_81:fix for alerts triggered in DMZ and relayed through internal server<br/>
_82:fix for ed25519 keys getting auto enabled, and for tomorrow date variable being yesterday instead<br/>
_82:fix for replicated servers and multiple users writing group and inheritance changes at the same time.<br/>
<br>
<hr/>
10.0.0<br/>
<br/>
<b>New:</b><br/>
_0:cleaned up unneeded jar files, v10 ui published<br/>
_4:updates for SMTP OAuth support</br>
_6:improved upload handling and support for expect-100 PUT validation<br/>
_7:added faster webdav timeouts (10 seconds)<br/>
_10:DMZ logging fixes to provide more debug info on failures</br>
_11:added additional control for s3 multi threaded download buffer chunk size<br/>
_12:added shares with relative path, and encrypted URLs for Jobs<br/>
_13:faster single threaded s3 downloads<br/>
_16:added restart when idle feature and shutdown when idle feature (transfers, and jobs must stop before it will kick in)<br/>
_23:DMZ UI speed improvements.<br/>
_25:added automated debugging tool for sending logs to support via thread_dump_port config<br/>
_27:added -TOGGLEVFSENCRYPTION launch flag to encrypt/decrypt VFS URLs.<br/>
_29:added socketTimeout for SQL connections with SQL users to be 5 seconds<br/>
_32:added future dates for variables.  Tomorrow, next week, next month.<br/>
_34:support for simpler AS2 ID's where the cert validates the user profile<br/>
_35:support for md5 application validation<br/>
_41:additional prometheus metrics and version syntax<br/>
_43:better handling for consistent MDN and .encrypted files for AS2 processing<br/>
_44:simplified ServerBeat command handling, dropped plumb/unplumb support<br/>
_47:added vfs_lazy_load config item to prevent VFS items from being hit unnecessarily during the login and first directory phase<br/>
_49:added async quota calculations<br/>
_51:added user level quotas (VFS individual quota still overrides user level)<br/>
<br/>
<b>Fixes:</b><br/>
_1:fixed bug allowing v9 codes in build 0<br/>
_2:fix for login event blocking by plugins<br/>
_3:fix for some sftp clients connecting when trying to enable gzip compression<br/>
_5:fix for geoip errors<br/>
_8:fix for slow stat file lookups<br/>
_9:fix for stats commands<br/>
_14:fix for non HTTP(s) DMZ logins failing at times<br/>
_15:fixed timeout issue for S3 connections<br/>
_17:fix for async replication<br/>
_18:fixes for slow S3 downloads and large s3 memory buffers<br/>
_19:fix for delays caused by slow logging speeds<br/>
_20:fixed bug where SFTP didn't do recursive makedirs like FTP did<br/>
_21:simplified PASV logic for FTP IP response, defaults to enabled: pasv_simple_logic<br/>
_22:fix for multi segmented html5 download through DMZ<br/>
_23:major fix for overall http communication throughout DMZ, and VFS, and client usage<br/>
_24:fix for DMZv5 tunnel not having a timeout<br/>
_26:fix for download/upload speeds not always showing up on admin panel graphs<br/>
_30:fix for stop_dmz_ports_internal_down not working with DMZ v5 mode<br/>
_31:fix for block access patterns and WebInterface<br/>
_33:fixes for SMB:// and SMB3:// recursive folder creation<br/>
_35:faster webdav response time when no content-length header provided<br/>
_36:fix for rename bug in SMB3 VFS scenarios<br/>
_37:fix for server.root items not being allowed for keystore item types.<br/>
_38:fix for SFTP job downloads failing<br/>
_39:fix for s3 testVFS right click menu not working<br/>
_40:fix for redirect and prometheus metrics<br/>
_42:fix for AS2 MDN info being missing at times<br/>
_43:various fixes for AS2 handling and MDN responses<br/>
_44:fix for PGP global encryption not functioning<br/>
_45:fix for DMZ port stops not triggering port alert<br/>
_46:fix for MariaDB URL notation<br/>
_48:fix for replication journal getting stuck on empty folders<br/>
_50:fix for hadoop file listings<br/>
_51:fix for encrypted job URL syntax<br/>
<br/>
<br/>
<br/>

</body></html>