- The security settings, passive mode settings and TLS settings pages have received the most cleanup.
- The settings dialog layout had a spring cleaning.
- Security fix: FileZilla Server now randomizes the port used for passive mode transfers to mitigate data connection stealing when using plain FTP
- Added diagnostic message to the administration interface if FTP over TLS is disabled and if the configured certificate is expired or otherwise invalid
- Added diagnostic message to the administration interface if no passive mode IP has been configured and the server appears to be behind a NAT router
- Security fix: Added option to force TLS session resumption on the data connection to prevent data connection stealing
- Vulnerability discovered and reported by Amit Klein.
- Security fix: The code that checks that the peer's data connection IP address matches the control connection IP had been nonfunctional.
- In the settings file, 'Minimum TLS version' can be used to further increase the minimum required TLS version a client needs to speak in order to connect
- Allow 0.0.0.0/0 CIDR notation in IP filters.
- Updated OpenSSL to 1.0.2b due to several security vulnerabilities in OpenSSL
- Add support for TLS ciphers using DHE and ECDHE to allow perfect forward secrecy
- Waiting for transfers to finish when taking the server offline now correctly closes the sockets
- Clarified a few error messages related to FTP over TLS
- The undocumented 8+3 filename feature has been removed
- Newly set account passwords are now stored in the form of salted SHA512 hashes
- Small fixes to the Copy user functionality
- The administration interface no longer starts if it cannot load the TLS libraries
- The maximum number of reconnect attempts for the administration interface can be configured in its settings file
- Improve compatibility with broken clients that always try anonymous logins even if the user has explicitly specified a username.
- Updated installer to NSIS 3.0b3 to prevent DLL hijacking
- Rearranged 'Connect to Server' dialog and added some helpful labels
- FileZilla Server no longer fails to read or write its settings if installed in a directory containing characters not expressible in the system's default multibyte character set.
- Performance improvements to reduce CPU usage under high load
- Disabled IDEA and SEED ciphers for FTP over TLS
- Fixed potential crash if closing connections with pending socket messages
- A missing home directory is no longer treated like an empty directory
- Updated OpenSSL to 1.0.2i due to several security vulnerabilities in OpenSSL
- Fixed getting list of connected users when connecting with the admin interface
- Fixed crash if the administration connection is closed while an administrative command is being processed
- Shared directories for groups with the auto-create flag are now created before the user's home directory is accessed
- Building FileZilla Server now requires libfilezilla 0.9.0 or greater
- Global speed limits now fluctuate less, unused quota during each timeslice is now carried over instead of discarded
- TLS certificates generated by FileZilla Server now use a random serial number

Server is locked and clients are still connected
For a more detailed list of changes, please have a look at the SVN changelog located at.
Server will go offline or will exit when all clients are disconnected
You can enable/disable, lock/unlock or exit the server as well
Please report any bugs immediately to don't forget to include some system details as it helps to identify the
From the tray icon you've access to different features of FileZilla Server.
Server and user/group speed limits based on rule sets.
No-transfer timeout which can kick idle users which use
Runs as service under Windows Vista, 7, 8, 8.1 and 10
All options can be set at runtime, there's no need to take