Cerberus FTP Server 11 does not officially support Windows Server 2008 and 2008 R2. Cerberus will continue supporting version 10 on Windows Server 2008 and 2008 R2. Please see Minimum System Requirements for more details.
Version 12.0 Release Notes
Cerberus FTP Server 12 no longer supports 32-bit operating systems and cannot be installed on Windows Server 2008 and 2008 R2. Please see Minimum System Requirements for more details.
Cerberus FTP Server 12.0 introduced a couple of minor, yet backward-incompatible changes to the Cerberus SOAP API. Please see the SOAP API changes in 12.0 for more information about these changes.
Version 12.8.0 Official Release — 6/13/2022
- Fixed: Security vulnerability introduced in 12.7.0
Version 12.7.1 Official Release — 5/12/2022
- Fixed: In HTTP/S web client, users cannot navigate into subfolders of public shares
- New: Native Cerberus users with 2FA enabled can now use the Forgot Password reset link
- New: HTTP/S web client and Web Administration now enforce a stricter Content Security Policy that blocks the execution of inline scripts
- New: Cerberus now supports long file paths, allowing folder paths longer than 260 characters
- New: FTP/S listeners now have a new option to enforce data connection resumption; FileZilla enforces resumption and Cerberus now enables this option automatically for FileZilla clients
- New: On the Summary page, administrators can now click on a user or group in a System Message and navigate directly to that account
- New: In Event Manager, Public File Transfer events now include variables for who shared the file and their email address
- Fixed: Upgraded to moment.js 2.29.3 to address CVE-2022-24785
- Fixed: Upgraded to zlib 1.2.12 to address CVE-2018-25032
- Fixed: Upgraded to curl 7.83.0 to address CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, and CVE-2022-27776
- Fixed: Addressed OpenSSL security vulnerabilities with a patch for CVE-2022-1292
- Fixed: In Report Manager, Clean Tables did not remove old records from the sessions table in the reporting database
- Fixed: In AD Users, when setting AD group to Cerberus group mappings, no groups were displayed for ‘.’ AD configurations (local user database)
- Fixed: Upgraded to gSOAP 2.8.121
- Many minor bug fixes and improvements
- New: HTTP/S web client now has a “Download as Zip” context menu option for easier downloading of multiple files and folders
- New: In HTTP/S web client, public shares are now allowed to never expire
- New: LDAP search results now page only when the LDAP server supports paging
- New: LDAP search paging can now be overridden by configuration option and defaults to using paging only when supported
- Fixed: In HTTP/S web client, when creating a zip file, there was no UI feedback that a zip file was being created
- Fixed: In HTTP/S web client, changes to the AM/PM of a public share expiration were not saved
- Fixed: In HTTP/S web client, public shares had the wrong expiration date when selecting the last available day of the maximum share duration
- Fixed: Microsoft Edge WebView2 process failures were not logged
- Fixed: In Report Manager, an error occurred when exporting a CSV for an Account report
- Fixed: AddUser SOAP API call ignored ipAllowList except when “priority” was also set
- Other minor bug fixes and improvements
- New: Report queries can now be saved, edited, and deleted
- New: Report generation now supports relative dates using a “search back” time period
- New: In Event Manager, Scheduled Tasks can now generate a report using a previously Saved Report and deliver it via email
- New: Significant performance improvements to the Cerberus Desktop GUI when using Microsoft Edge WebView2
- New: Microsoft Edge WebView2 runtime automatically downloaded and installed by the Cerberus installer
- Fixed: SSH server fingerprint changed when modifying SSL/TLS certificates
- Fixed: Memory leak in the Cerberus Desktop GUI
- Fixed: JavaScript error in Cerberus Desktop GUI when mapping to Cerberus Native groups for groups that only contain numeric characters
- Fixed: Upgraded to curl 7.80.0
- Fixed: AD and LDAP users should not be subject to the Cerberus password expiration policy (introduced in 12.3.0)
- Fixed: Password expiration times were incorrect and should not have been shown for AD and LDAP users
- Fixed: The sidebar navigation link to ‘LDAP Users’ does not work from Web Administration
- Fixed: Upgraded to curl 7.79.0 to address security vulnerabilities
- Fixed: Upgraded to gSOAP 2.8.116 to address security vulnerabilities
- Fixed: Infoblox devices could not upload files via SCP
- Fixed: In HTTP/S web client, iOS 12 devices could not upload files
- Fixed: Adding a new virtual directory overwrote an existing virtual directory with the same name
Version 12.2.1 Official Release — 9/2/2021
- Fixed: Memory leak when using Web Administration or the Cerberus Desktop GUI
- New: Native Cerberus users now have secondary groups to allow a user to be in multiple groups
- New: In AD Users, when displaying a user’s details, AD group to Cerberus group mappings now appear as secondary groups
- New: In User Manager, when displaying a user’s virtual directories, there is now a table column for the group(s) that the virtual directory was inherited from
- New: When upgrading to future versions of Cerberus, the account running the Cerberus service will no longer revert to LocalSystem
- New: In Report Manager, the Account Report now includes AD and LDAP users in addition to native Cerberus users
- New: In Report Manager, administrators can now remove old records from their reporting database using “Clean Tables”
- New: In Report Manager, each report now only shows filters relevant for that report type
- New: SCP now supports downloads with wildcards in the filename
- New: Added support for TLS Extension #23 Extended Master Secret (EMS) to mitigate Triple Handshake (3SHAKE) and other potential attacks
- New: In Server Manager, when adding an Active Directory user or group as a Cerberus admin, the distinguished name (DN) can now be searched with autocomplete
- New: In Event Manager, Folder Monitor now allows deleting read-only files
- New: In HTTP/S web client, public shares now include a new option to send one email notification for all transferred files every 5 minutes
- New: In HTTP/S web client, public share notification emails now include the contents of downloaded zip files
- New: Improved performance for customers with many concurrent client connections
- Fixed: Addressed OpenSSL security vulnerabilities with a patch for CVE-2021-3712
- Fixed: Replaced colorbox jQuery lightbox plugin to address security vulnerabilities
- Fixed: Upgraded to curl 7.78.0 to address security vulnerabilities
- Fixed: Upgraded to handlebars 4.7.7 to address security vulnerabilities
- Fixed: Cerberus crashed intermittently for customers with many concurrent client connections
- Fixed: SCP preserve timestamps did not use the correct timestamps for recursive downloads
- Fixed: In HTTP/S web client, public share notification emails did not render correctly in MS Outlook
- Many minor bug fixes and improvements
- New: In Event Manager, the Transfer File Target now allows retrieving files from another server via SFTP, FTP, FTPS, and HTTP/S GET
- New: In Event Manager, the “IP Blocked Event” now includes a variable for the reason why the IP was blocked
- New: When using the Cerberus Desktop GUI, clicking on links now launches your default web browser instead of Internet Explorer
- New: On the Public Shares tab of User Manager, there is now a legend for the Public Shares table
- Fixed: Addressed a vulnerability to SSL renegotiation denial of service
- Fixed: When using the Cerberus Desktop GUI, clicking on links leaked the desktop URL as the referring URL
- Fixed: In AD Users, it was not possible to modify the domain for an existing Active Directory Users configuration
- Fixed: After upgrading to version 12.0, HTTP/S web client no longer displayed the “Find” checkbox option for the search filter
- Fixed: Incorrect search results are shown in tables when there are multiple, concurrent search requests that are received out of order
- Many minor bug fixes and improvements
- Fixed: HTTP/S web client was not displaying correctly in the browser
- New: On the Remote tab of Server Manager, there is now a legend for the Administrator Accounts table
- New: Support for Active Directory Web Administration users
- New: Active Directory Users page that allows native-like administration and mapping changes for AD users
- New: LDAP Users page that allows native-like administration and mapping changes for LDAP users
- New: Support for “includeSubDomains” and “preload” with HTTPS Strict Transport Security (HSTS)
- New: Public shares guided wizard for creating and emailing a public share
- New: Public shares notification option to be emailed on every file access
- New: Public shares session-based isolated uploads
- New: Public shares global option to hide original shared file or folder name in public URL
- New: Public shares CC and BCC options when sending a public share via email
- Improved: Public shares generated password is now automatically shown
- Improved: Web client file share notifications now contain the file names of files accessed through public share folders
- New: Web client dialog prompt for overwriting or resuming existing files on upload
- New: Web client growl-based notifications for reporting operations status
- New: Web client activity center to see any growl notifications generated on the current page
- New: Web client listener options to add a welcome message to password-protected public shares
- New: Web client listener options to require welcome message acknowledgement for password-protected public shares
- New: Web client listener option to hide the ‘Accounts’ page for all users
- New: Web client listener option to prevent creating permanent zip files on the server
- New: Web client can generate MD5 (non-FIPS mode only), SHA1, SHA256, SHA512 hashes of any web client file
- New: Web client option for users to enable auto-uploads for their account, or on a per-queue basis
- New: Web client option for users to enable auto-clearing of the completed upload file list for their account, or on a per-queue basis
- New: Web client option for users to disable upload image and video previews on their account
- New: Web client option to allow users to open a file in a new tab
- New: Web client now has all interface and messaging available to be customized for localization
- New: Web client allows HTML in the Login and Public Share welcome messages
- New: Web client no longer allows changes to be made to anonymous account’s settings by the user
- New: Web client now shows the date of password expiration on the Accounts page
- New: User Manager now shows the date of password expiration on the user’s details page
- Improved: Numerous small bugs, UI improvements, and performance improvements
- Removed: Can no longer be installed on Windows Server 2008 and Vista
- Removed: Legacy, unmaintained dialog-based Server Manager, IP Manager, and User Manager (these had been deprecated almost 2 years ago)
- Removed: Support for 32-bit operating systems
Cerberus FTP Server 11.0 introduced a couple of minor, yet backward-incompatible changes to the Cerberus SOAP API. In particular, the SOAP API operations for GetLicenseInfo and GetLogMessages now provide richer data. Please see the Cerberus SOAP API Reference for more information about the SOAP API.
Version 11.x Release Notes
- Fixed: Duplicate folders when AD user is assigned to multiple groups with the same virtual directories
- Fixed: Missing file and directory upload browser button icons on mobile devices
- Fixed: Cerberus terminates due to unhandled exception
- New: SCP preserve timestamps option for file uploads
- New: In Server Manager, there is now an option to control exclusive upload file locking for SSH SFTP version 4 and lower
- New: Upgraded to curl 7.75.0
- New: Improved performance for customers with many client connections per second and authenticating with native Cerberus users
- New: In User Manager, improved search performance when there are many users
- New: When viewing a selected user account, User Manager now allows creating a new group in addition to selecting an existing group
- Fixed: Addressed OpenSSL security vulnerabilities with patches for CVE-2021-23839, CVE-2021-23840, CVE-2021-23841
- Fixed: Upgraded to jQuery validation 1.19.3 to address security vulnerabilities
- Fixed: Cannot access Cerberus Desktop GUI when cookie support is disabled
- Fixed: Cerberus Desktop GUI showed many errors when the “HTTP/S Web Admin Session Timeout” value was very low
- Fixed: Cerberus did not consistently time out Web Administration sessions
- Fixed: In Server Manager, HSTS cannot be set on HTTP/S Admin listeners
- Fixed: In Report Manager, the log showed numerous errors when using SQL Server 2012
- Fixed: In User Manager, users and groups with special characters did not display correctly
- Many minor bug fixes and improvements
- New: On the Advanced tab of Server Manager, Cerberus now allows enabling experimental beta features
- New: Active Directory Users page allows native-like administration and mapping changes for AD users (beta feature)
- New: LDAP Users page allows native-like administration and mapping changes for LDAP users (beta feature)
- New: Cerberus now provides more logging when repairing a corrupted stats.dat file
- New: User Manager now allows the revocation of a public share from the context menu
- New: Server Manager now allows admins to force users’ browsers to reload HTTP/S Web Client static resources instead of loading cached versions
- Fixed: Cerberus Desktop GUI is slow or unresponsive after updating to version 11.3.1
- Fixed: Cerberus crashed when SFTP clients sent an invalid SFTP packet
- Fixed: LDAP search results failed to find users when there are more than 1000 users
- Fixed: When disabling FIPS 140-2, Server Manager did not display a warning that Cerberus needs to be restarted
- Many minor bug fixes and improvements
- New: Cerberus now uses KeyPair’s FIPS 140-2-validated cryptographic module with Certificate #3503
- New: In Server Manager, Cerberus now allows a configurable value for the Web Administration session timeout
- New: In the Interfaces window, Cerberus now displays more detailed security-related feedback and messages for each listener.
- New: User Manager now allows searching users by their first and last names
- New: User Manager now displays the date a user was created
- New: Web Administration now shows the labels for SMTP servers to more easily differentiate between multiple servers
- New: Report Manager now warns when an unsupported ODBC driver is selected
- Fixed: Addressed OpenSSL security vulnerabilities with patches for CVE-2020-1971 and CVE-2020-1968
- Fixed: Upgraded to curl 7.74.0 to address curl security vulnerabilities
- Fixed: Cerberus passed sensitive values in URLs that could expose them to people with access to server and application logs
- Fixed: Cerberus crashed when server certificate and private key are missing and SSL/TLS is enabled
- Fixed: Cerberus failed to verify an LDAP server without manually entering the correct password on the Binding Options page
- Fixed: In Report Manager, Cerberus logs errors when writing audit records for administrator actions to a MySQL database
- Fixed: Users could not enable 2FA even though they are required to do so because “Allow 2 Factor” had not been checked
- Fixed: Users cannot log in because User Manager allowed admins to set the invalid state in which “Require Password Change on Login” is checked but the user is not allowed to change their password
- Fixed: Report Manager cannot connect to SQL Server database when the database name includes a hyphen
- Many minor bug fixes and improvements
- New: User Manager now has a “horizontal” layout to reduce the amount of scrolling when administering native users and groups
- New: Usability improvements to Extension Blocking in User Manager
- New: The Summary page now warns when a certificate is expiring or has expired
- New: The Summary page now warns when remote host certificate verification is disabled
- New: In Server Manager, admins can now customize the issuer name to something other than “Cerberus” when using OTP for two-factor authentication
- Fixed: Cerberus did not enforce password history policy for web administrator accounts
- Fixed: In web administration and web client, Cerberus allowed a malicious actor to spoof content with misleading messages designed to trick users
- Fixed: In web administration and web client, browsers may store pages in the user’s browser cache that could be accessible to a malicious actor on a public computer, a shared system, or a machine in a semi-public area.
- Fixed: In web administration, Cerberus disclosed passwords or other sensitive data in an unmasked format in the HTTP response
- Fixed: In Report Manager, the log showed numerous errors when using SQL Server Express LocalDB 2012
- Fixed: Enhanced log filtering only filtered the first IP address and ignored any additional filters
- Many minor bug fixes and improvements
- Fixed: Updated to the latest version of MomentJS to address a vulnerability to regular expression denial of service
- Fixed: HTTP/S web client localization allowed language translations that could include malicious JavaScript
- Fixed: Cerberus crashed when HTTP/S web client served a file with a timestamp in which the year is more than 3000
- Fixed: In the log, Cerberus sometimes attributed system tasks to users
- Fixed: When uploading via SCP, some SCP clients showed the transfer as failed even though the transfer was successful
- Fixed: In SOAP API, GetGroupInformation always returned empty “sshOptions”
- Fixed: Sync Manager added a new server entry instead of updating the existing entry when editing the IP address
- Authentication for Active Directory users now only queries users using a legacy API if “Try Alternative Active Directory Check” is enabled
- In web administration and web client, Cerberus now creates intermediate directories when creating directories
- Cerberus now supports DUO Federal for two-factor authentication
- Report Manager now creates a database index on the ‘files’ table for MySQL/MariaDB
- User Manager now sets the Last Login value for a cloned user account to be “Unknown”
- Other minor bug fixes and improvements
- Fixed: Cerberus crashed when HTTP clients request invalid ranges
- Fixed: Cerberus crashed when loading certificates from an invalid PFX file
- Fixed: LDAP user was not able to change password when LDAP configuration has SSL enabled
- Fixed: Memory leak in Cerberus Desktop GUI
- Fixed: In Event Manager, Session Report email did not render correctly in MS Outlook
- In web administration, tables did not remember settings for number of rows per page
- Other minor bug fixes and improvements
- New: Report Manager now supports the PostgreSQL database
- Fixed: Extension blocking did not reject prohibited file extensions from being uploaded with SCP
- Fixed: Log Manager did not show the time in the local time format
- Fixed: In Event Manager, Logoff Event rules with Email Session Report action could only select Default Email Server even though there are multiple SMTP servers
- Fixed: In Report Manager, Cerberus failed to generate a File Report when using SQL Server 2008 R2 as the database
- Fixed: Cerberus crashed when an FTP client uploads a file using MODE Z compression
- Fixed: When running as an application (as opposed to running as a Windows Service), Cerberus did not verify remote host certificates
- Fixed: Cerberus could not verify valid remote host certificates because of expired certificates in the OS trust store
- Fixed: Event Manager did not trigger a Directory Created Event when dragging and dropping a folder in the HTTP/S web client
- Fixed: Event Manager did not trigger a File Transfer Event when uploading a file to a virtual directory with a trailing slash
- Other minor bug fixes and improvements
- New: Log files can now be filtered by IP or username
- New: In Server Manager, changing admin passwords is now separate from editing admin accounts
- Fixed: In Event Manager, the HTTP Post event action stopped including variables
- Fixed: In Event Manager, the error “An address incompatible with the requested protocol was used” occurred when connecting to an SMTP server
- Fixed: Cerberus service would not start on Windows Server 2008
- Fixed: When responding to an FTP STOR command, Cerberus sent a 426 reply instead of a 500 reply when the parent folder does not exist
- Fixed: In User Manager, CSV import of users allowed users in groups that did not exist
- Fixed: Images and videos cannot be previewed in the HTTP/S web client
- Other minor bug fixes and improvements
- Cerberus customers that block outgoing connections with their firewall should only have to allow connections to the domain www.cerberusftpserver.com with IP address 216.92.201.26 for Cerberus to auto-update
- New: Cerberus now performs certificate and host name verification for all outgoing SSL/TLS connections by default
- New: Event Manager now has a Transfer File Target that allows transferring files to another server via SFTP, FTP, FTPS, HTTP PUT, and HTTPS PUT
- New: Event Manager now has labels for Event Targets so that administrators can assign unique names to differentiate between them
- Removed unnecessary newlines from the log
- Fixed: When Cerberus checks for updates, those outgoing SSL/TLS connections did not verify the certificate or host name
- Fixed: In User Manager, requiring a user to change their password does not actually force the user to change their password after logging in
- Fixed: Log Manager displays a “parseerror” message when the log contains binary data
- Fixed: In Event Manager, modifying a cloned event applies changes to the original event
- Fixed: In Server Manager, changes to SSH Security Defaults are automatically saved without confirmation
- Other minor bug fixes and improvements
- User Manager guided workflows for creating users and groups, including enhanced data validation and error checking
- Upgraded admin password change controls for setting and changing user and administrator passwords
- Easily adjust generated password lengths beyond the minimum at the time of password generation
- Multiple enhancements to the Log Manager including a continuous log view with no paging, a configurable refresh rate, visual indications to indicate when the log will next refresh, as well as a dedicated context menu item and toolbar button to immediately refresh the log
- Added support for additional SSH2 key exchange methods to include diffie-hellman-group14-sha256, diffie-hellman-group16-sha512, diffie-hellman-group18-sha512
- Upgraded to gSOAP 2.8.99 to address gSOAP security vulnerabilities
- FTP commands for setting file date/time provide better error messages on failure
- Fixed: Filter/Find for HTTP/S web client allows bypassing of virtual directory permissions
- Fixed: In User Manager, new users and groups no longer need an initial save before you can add new virtual directories
- Fixed: In User Manager, the disable date constraint for users and groups ignores PM times
- Other minor bug fixes and improvements
- Fixed: Memory leak when querying which groups a user is a member of in Active Directory
- Fixed: Memory leak when statistics file cannot be opened at startup
- Fixed: Cerberus crashes when there are multiple HTTP/S web client requests for a new localization language file
- Fixed: Log Manager displays a “parseerror” message when the log contains binary data
- Fixed: SCP does not handle using single quotes around filenames
- Allow administrators to view queue sizes for diagnostic purposes
- Other minor bug fixes and improvements
- Fixed: Memory leaks when transferring files via SFTP
- Fixed: Cerberus crashes when HTTP/S web client receives a malformed URL
- In Active Directory administration, searching for users and groups when creating mappings will now use the Binding Options credentials instead of the credentials for the account running the Cerberus FTP Server Windows service
- Other minor bug fixes and improvements
- Fixed: In Log Manager, script errors occur when using the right-click menu options
- Fixed: In User Manager, updating a user shows an error message when using group overrides
- Other minor bug fixes and improvements
- Upgraded to OpenSSL 1.0.2u to address OpenSSL security vulnerabilities
- Cerberus now shows a warning that legacy managers are deprecated and will be removed in a future version
- Other minor bug fixes and improvements
- Fixed: Unzip for HTTP/S web client allows bypassing of blocked file extensions
- Fixed: Folder Monitor status is never updated
- Other minor bug fixes and improvements
- Fixed: XSS Vulnerability When Previewing SVG Content
- Fixed: In User Manager, removing a native Cerberus user from a group shows an error message
- Fixed: Public shares are shown even though they have expired
- Fixed: Public shares allow creating shares that are already expired
- Log Manager displays much faster now
- In Active Directory administration, searching for users and groups when creating mappings should be faster
- Other minor bug fixes and improvements
- Fixed: Zip and unzip for HTTP/S web client allow bypass of virtual directory permissions
- We now show a warning during installation that Cerberus 11 is not officially supported on Windows Server 2008 and 2008 R2
- Other minor bug fixes and improvements
- Fixed: In Event Manager, Scheduled Tasks drift later after each run
- Fixed: In Event Manager, Scheduled Tasks do not run as scheduled for weekdays
- Fixed: Long message notifications are not formatted correctly
- Fixed: Cerberus displays an error message for missing MF.dll on Windows Server 2008 R2
- Fixed: Cerberus install fails even though Internet Explorer 9+ has been installed
- Other minor bug fixes and improvements
- Significantly faster performance (up to 10x) when writing files across the network using the Server Message Block (SMB) protocol
- Enhancements to User Manager UI (Desktop GUI and web administration) for a responsive and consistent experience across devices
- In web administration, User Manager now allows managing blocked file extensions and CSV export/import of users
- User Manager provides richer visual feedback when previewing the import of users from a CSV file
- User Manager shows all of the members of a group including Cerberus Native users, LDAP users, AD users, and AD groups
- Web administration now shows connections, transfers, and logging
- Log Manager logs IP addresses and usernames when logging connection-related events
- Log Manager allows administrators to download log files
- Log Manager provides features such as searching, row grouping, column sorting, and showing/hiding columns
- New notification system displays small pop-up notifications about events that are important to the user
- New notification system allows administrators to view a history of changes made during their session
- Redesigned Server Manager for better segmentation and grouping of server configuration options
- In Server Manager, administrators can require uppercase and lowercase letters in their password complexity policy
- Cerberus supports nested group membership for the AD “Require Security Group Membership” option
- HTTP/S web client localization can now be accessed and modified directly from the Desktop GUI
- Fixed: Password reset is vulnerable to HTTP host header attack allowing malicious password reset emails
Version 10.x Release Notes
- Upgraded to OpenSSL 1.0.2t to address OpenSSL security vulnerabilities
- Fixed: Extension blocking does not reject prohibited file extensions from being uploaded in certain situations
- Fixed: Cerberus crashes on startup when it cannot make outbound Internet connections
- Fixed: Cerberus crashes when SFTP client sends an invalid SSH packet header
- Fixed: Cerberus cannot update itself when configured to use a proxy
- Fixed: In Report Manager, the Disabled column in Last Login Statistics Report does not consider user’s group membership
- Fixed: In web administration, Server Manager cannot generate a self-signed Elliptic Curve Cryptography (ECC) certificate
- Other minor bug fixes and improvements
- Fixed: HTTP security header for Content-Security-Policy is blocking access to Google reCAPTCHA and Duo Security
- In the log, the remote port is now shown in addition to the IP address for incoming connection requests
- Updated HTTP security header for Content-Security-Policy to include “default-src” directive as a best practice to prevent XSS attacks
- Fixed: Email is vulnerable to SMTP header injection in the Subject field
- Fixed: HTTP/S web client users could alter the shared files of other users
- Other minor bug fixes and improvements
- Fixed: Group settings requiring multifactor authentication are ignored when users log in via HTTP/S
- Fixed: In Server Manager, enabling FIPS 140-2 when using a PKCS#12 certificate for the server key pair causes an error and unusable SSL configuration
- Fixed: Event Manager does not trigger file transfer event for HTTP/S downloads when file is 0 bytes
- Fixed: When command-line FTP clients issue list commands, group and owner names are not displayed
- Fixed: When command-line FTP clients issue list commands, last-modified timestamp is formatted incorrectly
- Other minor bug fixes and improvements
- In the HTTP/S web client, security questions are now only shown on the account page if password resets are enabled
- Added the Same-Site browser cookie attribute as a security best practice for preventing CSRF attacks
- In Server Manager, updated the UI for the logging page to make it more clear that the Syslog port is configurable
- Improved accessibility in the HTTP/S web client for users that require assistive technology (screen reader, keyboard-only navigation, etc.)
- Fixed: Emails sent from Cerberus are blocked by some spam filters
- Fixed: Cerberus identifies Windows Server 2019 as Windows Server 2016 in the logs
- Many minor bug fixes and improvements
- Upgraded to OpenSSL 1.0.2s to address OpenSSL security vulnerabilities
- Fixed: Verification of LDAP configuration uses stale configuration settings
- Fixed: Cerberus ignores proxy settings during update process
- Fixed: MFMT FTP command fails to modify the last modification time for directories
- Other minor bug fixes and improvements
- The About dialog now displays the serial number for the license
- SCP has better support for downloading large files
- Improved how session IDs are generated to increase entropy
- Fixed: Server crashes with certain invalid Active Directory configurations
- Fixed: User Manager saves invalid Active Directory and LDAP configurations
- Fixed: In Report Manager, connecting to a MySQL 8.0 database returns an authentication error
- Fixed: Users could reset their password even though they are not allowed to change their password
- Fixed: In the Desktop GUI, unable to configure Captcha settings for HTTP/S web client interfaces
- Other minor bug fixes and improvements
- Desktop GUI now supports keyboard shortcuts and other keyboard controls in all windows
- Report Manager now shows a progress dialog when updating the reporting database configuration
- In Server Manager, the Remote page now shows the SOAP service endpoint URL based on the current server configuration
- Fixed: In Event Manager, email notifications for file transfer events of FTP uploads and downloads always show file size of 0 bytes
- Other minor bug fixes and improvements
- In Event Manager, a variable for the unique session ID is now available for events generated by logged in users
- Updated optional HTTP security header for X-XSS-Protection to “1; mode=block” to prevent the web browser from rendering pages if a potential XSS reflection attack is detected
- Fixed: XSS vulnerability in HTTP/S web client
- Fixed: In web administration, cannot view or edit description for a group with User Manager
- Fixed: In Report Manager, exported CSV files display international characters incorrectly
- Fixed: When uploading via SCP, names of files and folders with international characters do not transfer correctly
- Fixed: SCP download fails when filenames include a space character
- Fixed: SCP recursive download fails when empty folders exist in the directory tree
- Many minor bug fixes and improvements
- Upgraded to OpenSSL 1.0.2r to address OpenSSL security vulnerabilities
- Display password policy requirements in every place in which passwords are changed
- Fixed: XSS vulnerability in web administration
- Fixed: When importing users from CSV, settings for users with overrides are lost
- Fixed: When exporting users to CSV, not all user properties are exported
- Fixed: In HTTP/S web client, folders with ampersand character in their name are not shown correctly
- Fixed: Users whose usernames contain a space character cannot set up 2FA when using an authenticator app on iOS devices
- Fixed: HTTP/S web client session times out even though session timeout is disabled
- Other minor bug fixes and improvements
- Added labels for Active Directory domains
- Updated to the latest version of gSOAP
- Fixed: Active Directory users cannot change their password when the user must change their password at next login
- Fixed: User is disabled when their authentication requirement is “Public Key OR Password” and the setting “Disable account if last login exceeds X days” is enabled even though the user had previously successfully logged in (within the specified time frame)
- Fixed: A user logging in with a public key and “Public Key OR Password” authentication requirement was not restricted by IP or protocol
- Fixed: When uploading, SCP users without “Create Directory” permissions could create directories
- Fixed: In web administration, Server Manager allows setting admin passwords that are not compliant with the password policy
- Fixed: In web administration, when adding a new user, User Manager does not warn when a user with that username already exists
- Fixed: Added support for ABOR FTP command
- Other minor bug fixes and improvements
- In Server Manager, added a configuration option to allow reading from files being uploaded
- Fixed: HTTP/S web client does not allow users to change their password when 2FA is enabled
- Fixed: In some circumstances, the Service Connect dialog of the Desktop GUI displays the admin password in the username field
- Fixed: In the legacy Server Manager, the primary administrator account can be deleted
- Fixed: In web administration, on the remote tab of Server Manager, you are able to rename an admin account to an existing admin account
- Fixed: HTTP/S web client does not show folder contents when a user’s virtual directory path ends with a backslash
- Other minor bug fixes and improvements
- Completed Windows Server 2019 certification
- The summary page shows a warning for weak password policies
- When using the Desktop GUI, the menu for Server Manager is now static and fixed to the top of the screen
- Added support for XCRC FTP command with start and end points
- Added support for ABOR FTP command for IBM AS/400
- Fixed: Cannot change password when connected to the server using WinSCP over SFTP
- Fixed: Cannot upload file using SCP
- Other minor bug fixes and improvements
- Upgraded to OpenSSL 1.0.2q to address OpenSSL security vulnerabilities
- Auto-generate a policy-compliant password for public shares
- More intuitive status indicators for IP Listeners on the Summary page
- Added more detailed debug logging for unrecognized FTP commands
- Fixed: In web administration, Server Manager cannot disable public share settings
- Other minor bug fixes and improvements
- Fixed: When LDAP users are logging into the HTTP/S web client, they are prompted to set security questions
- Fixed: UI cannot connect to service after setting remote password during the Getting Started Wizard
- Fixed: Sync Manager overwrites the primary admin account on the remote server
- Two-factor authentication for web administration
- Enhancements to Server Manager UI (Desktop GUI and web administration) for a responsive and consistent experience across devices
- Added initial capability for transferring files over Secure Copy Protocol (SCP), a "remote copy" capability leveraging SSH to provide authentication and secure transfer
- Numerous improvements to HTTP/S web client including faster and more scalable page rendering and better proxy handling for requests
- A more consistent UI and easier to use controls for web administration
- Added separate options for requiring two-factor authentication when users login with FTP or SFTP, in addition to HTTP/S
- Added new settings for controlling optional HTTP security headers
- Added an option to toggle HSTS for an HTTPS listener
- Added an option to require web client users to acknowledge and consent to the welcome message during login
- After upgrading Cerberus, the summary page shows a warning as a reminder to switch back the account used to run the Cerberus Windows service if it was reset during the upgrade
- The summary page shows a warning when there are accounts configured to allow anonymous access
- The summary page shows a warning that recommends disabling old and insecure versions of TLS 1.0 and 1.1 for SSL-based SOAP (Remote) connections
- HTTPS listeners show when HSTS is enabled
- Prevent web browsers from autofilling password fields when setting a password for another user
- Fixed: Server Manager settings are reverted after a service restart because they were not saved to configuration
- Fixed: Event Manager does not trigger account password expiring event
- Fixed: In Event Manager, subtasks remain disabled when editing or cloning an existing event action
- Fixed: Display issues for mobile HTTP/S web client
- Fixed: Formatting issues for the welcome message when viewed in the HTTP/S web client
- Fixed: Web browser script error when generating a User and File report on 32-bit Windows Server 2008 with IE 9
- Fixed: Language translations do not include web client login failure messages
- Fixed: SOAP API does not allow setting MFA settings on a user account
- Fixed: Backup and restore does not include log4j XML files
Version 9.x Release Notes
- Fixed: Event Manager does not trigger a failed file transfer event when there is an unsuccessful upload from the HTTP/S web client
- Fixed: Event Manager removes the failure action when editing the event action that the failure action is associated with
- Fixed: Report Manager throws a SQL error when generating a login report with a date range
- Fixed: Desktop GUI Admin is slow to initialize if the server does not have Internet access
- Fixed: Non-compliant HTTP 1.1 behavior related to closing connections
- Fixed: Older 1.0 group configuration files do not get upgraded when upgrading to the latest version of Cerberus FTP Server
- The free IP geolocation service we used is no longer available. We’ve provided a temporary workaround by moving to a new geolocation service.
- Changed the Report Manager Filename field to File path to better reflect that field’s use
- Added a public uploads filter to the Report Manager’s search console
- Other minor bug fixes and improvements
- Added options to allow and require 2 factor authentication for users and groups
- Added 2 factor authentication support for LDAP and Active Directory web client users
- Added a new IP Manager to manage IP blocking
- Added an option to show the password when filling out a new account request
- Added context-menu support for virtual directory management in web administration
- Added double-click support for editing virtual directories in web administration
- Added select all/none for virtual directories in the web administration
- Selecting a directory will now populate a default virtual directory name in the virtual directory dialog in web administration
- Added options to automatically generate passwords and show passwords when changing or setting a password for the first time in web administration
- Added an indicator showing whether the password and password confirmation inputs match for web administration password boxes
- Added an indicator of the current password policy in the change/set password dialogs in web administration
- Added a password generator for web administration change password dialogs
- Added SHA256 SSH public key fingerprint generation when validating certificates
- The Share and Email dialogs for public sharing now indicate whether a password is required in the placeholder text for the share password field
- Admin password resets of user accounts now ensure password policy enforcement like the desktop admin UI
- Event Manager event actions can now have no variables selected for an action
- Added option to select all/none for event variables to be included in individual email actions
- Added a dedicated download button on files in public directory shares
- Fixed bug preventing selecting/unselecting a variable in the Event Manager’s variable list when clicking directly on the checkbox
- Fixed a problem with IE9 and HTTPS web client uploads
- Fixed truncating uploaded file names with semicolons in the web client
- Disabling FTPES advertisement now denies TLS upgrade requests
- Enforce CSRF token on 2F verification and upload forms
- Add more strict cache control headers to sensitive pages
- Fixed the address book not appearing for LDAP and AD accounts in the web client
- Upgraded to OpenSSL 1.0.2n to address OpenSSL security vulnerabilities
- Enhanced the web IP Manager
- Fixed a folder monitor UI bug
- Fixed a user manager UI bug that resulted in no group being displayed for a user
- Miscellaneous bug fixes
- We now support very large path lengths when the underlying path is a UNC share
- Enhanced the web IP Manager
- Fixed a bug that resulted in public file share folder and file zipping returning zero-length zip archives
- Fixed a bug in the IP Manager
- Added country logging for IP geolocation
- IP geolocation optimizations
- Upgraded to OpenSSL 1.0.2m to address OpenSSL security vulnerabilities
- New zip and unzip library with support for archives greater than 2GB
- New global option to disable displaying file sharing tabs and button in the web client
- Improved pagination in the web client and web administration
- Fixed a bug that reversed the current and latest version labels on the summary page
- Fixed an HTTPS web client file upload bug
- Added an “overwriting existing file” label for when web client uploads are overwriting an existing file
- Fixed a bug that resulted in AD accounts that use directory attributes for SSH public key authentication being unable to retrieve the SSH key from AD
- Fixed a bug that caused an FTP rename that overwrites an existing file to fail even when the “allow rename to overwrite existing files” FTP option is selected
- Fixed support for IPv6 addresses
- Fixed IP address note not getting added in web administration for CIDR ranges
- Fixed a bug in web administration that prevented administrators from changing their passwords
- Added an Add Folder button to the HTTPS client upload control for browsers that support it
- Fixed pre-upload existence and resume checking for files uploaded through folder drag and drop
- Added displaying of full relative file path for files when uploading folders in the web client
- Fixed various UI issues in the web client
- Shared file or folder notification emails now properly reflect whether the file is uploaded or downloaded
- Event Manager admin changes are better logged for auditing purposes
- Fixed s
- Fixed a potential web administration crash
- Updated the SOAP library
- Fixed the WSDL link from the web administrator page
- Miscellaneous minor bug fixes and performance improvements
- Included additional web client translations for German, Danish, Norwegian, Polish, Hungarian, Arabic, French, Chinese, Russian, and Finnish
- Removed SEED and CAMELLIA ciphers from our default cipher lists
- Improved geolocation of IP addresses and error reporting
- Fixed a bug where the Summary and Interfaces couldn’t be displayed for some configurations
- Performance improvements
- Bug fixes for web clients using a default language other than English
- Bug fixes and a fallback summary and interfaces page for Server Core installations that do not support the IE browser control
- Other bug fixes
- HTTP/S web client two-factor authentication with any HOTP client
- Updated HTTP/S web client user interface
- Multiple language support for the HTTP/S web client
- Updated web administration, events, and reporting dialogs
- New server administrator auditing reporting
- Resizable User Manager, Server Manager, and IP Manager dialogs
- Complete rewrite of web administration code for better performance and security
- Web administration now uses session-based authentication instead of basic authentication to allow sign in and sign out capability
- New scalable summary page
- Better DPI handling for embedded web page controls
- Significant performance improvements through code rewrites and a move to the Visual Studio 2017 compiler and CRT libraries
- Added an option to allow replacing a file on rename with FTP
- Added an option to allow disabling FTP TLS upgrade advertisement for plain FTP connections
- Added an option to enforce the system password policy on public file shares
- Enhanced Share settings page on the web client
- Added support for locking and unlocking specific regions of files for the SSH SFTP commands BLOCK and UNBLOCK
- Reduced log verbosity for initial connection messages (without any loss of information)
- Compatibility with Azure SQL Server and encrypted database connections for the auditing and reporting database
- The downloader’s IP address is now recorded and included on file access reports for public file uploads and downloads
Version 8.x Release Notes
- Updated the reCaptcha signup link in the reCaptcha dialog
- Authentication will no longer strip whitespace from the front and back of usernames during authentication
- The Folder Monitor can now handle directory names with ampersands
- Improvements to CSV import from third party SFTP servers
- Minor bug fixes
- Updated to OpenSSL 1.0.2k from OpenSSL 1.0.2k to address security vulnerabilities in OpenSSL
- Minor bug fixes
- Public uploads now trigger a public file transfer event, and you can differentiate a public download from a public upload using rule conditions
- Executable target event actions now properly report error codes and wait for process execution to complete
- Administrators can configure a max wait time for executable event actions to complete before processing the next action
- Updated to OpenSSL 1.0.2j from OpenSSL 1.0.1u
- Fixed a bug where zero length file uploads didn’t trigger a file transfer event
- Enhanced file policy result logging
- Added an FTP passive mode option to always use the internal IP for plain FTP passive mode responses
- FTP AUTH commands will now send an “Unavailable” response when FTPES is requested but TLS is disabled on the server
- Added an option during a server backup restore operation to not import the license key from the backup
- Improvements to AD and LDAP password changing
- Bug fixes and usability improvements in the User Manager
- Tab support for moving through user fields in the User Manager
- Support for the X-FORWARDED-FOR header for HTTP/S traffic for logging and IP management
- Improved proxy support for upgrade checking
- AD and LDAP mapping dialogs are now resizable
- Fixed the "Do Not Send Session Report if Empty" flag always being set to false when editing an email session report action
- Password generator now generates passwords that are at least 6 characters, even if password policy has no minimum length
- Fixed bug that could cause password generator to crash
- Fixed a bug that could result in a CPU spike in the Enterprise edition until the service is restarted
Version 7.x Release Notes
- Upgraded to OpenSSL 1.0.1p to address an OpenSSL security vulnerability
- Fixed a bug that would result in incomplete directory reads for SSH SFTP version 6 clients and directories with large numbers of files
- Added an option to disable TLSv1.0 to the Advanced Security dialog
- Added an option to perform an alternate method of checking the AD groups an AD user belongs to for domains that don't return group information for a user through ADSI
- Moved the XML parser for the UI settings file to the same XML framework used for the service settings file
- Upgraded to OpenSSL 1.0.1m to address OpenSSL bugs and security vulnerabilities
- Fixed a bug related to public IP auto-detection that could result in a server crash under certain unusual circumstances
- Fixed a bug where Cerberus user accounts that are part of a group ignored the group's "is anonymous" setting and used the original account setting
- Upgraded to OpenSSL 1.0.1m to address OpenSSL bugs and security vulnerabilities
- Completed transition of web administration virtual directory, AD, LDAP, event, and license dialogs to new mobile-friendly framework
- CSV importer can now understand different line encodings
- Added option to exclude passive port range from syncing
- You can now customize the email subject for session reports
- Fixed synchronization and timer bugs that could result in server crashes
- Fixed socket send bug that could result in being unable to terminate a connection when a buggy client didn't signal it was ok to send data
- Fixed a bug in FTP download resumes that could result in corrupt resumed downloads
- Added SOAP API calls to set and retrieve the IP block list
- More robust CIDR list import support
- Added check to make sure an account request cannot be approved if there is already a user with that account name (web administration)
- Added HTTPS range header support (HTTP/S file download resume and better web video playback)
- Updated to OpenSSL 1.0.1k to address security vulnerabilities in OpenSSL
- New public file sharing SOAP API call to generate a public link to an existing file
- Properly advertise integrity checking command support for SSH SFTP to clients
- Added CRC32 checksum as SSH SFTP integrity checking option
- Do not send ".." as part of a directory listing when at a user's root for FTP and SFTP
- Fix web administration and SOAP DLL exception
- Web client Address books are now sortable by email or name
- Auto-suggest from address book when emailing public links now returns matching names in addition to email addresses
- External event processes no longer need their paths quoted when there are spaces in the path
- The working folder now correctly resets for external event process actions when changing the path of an existing process
- Removed empty log statement for HTTPS uploads
- Updated HTTPS web client and web administration core libraries
- Fix web administration and SOAP DLL exception
- Disable SSLv3.0 by default
- Add an option to enable SSLv3.0 on the Advanced Security page
- Updated to OpenSSL 1.0.1j to address security vulnerabilities in OpenSSL
- Major re-design of web administration. Switched to a more modern, responsive web framework that scales on different devices
- Added options to manage remote settings and secondary web administrators through web administration
- Added clone user and clone group functions to web administration
- Added option to test cipher strings to web administration
- Added ability to override group properties on users to web administration
- Added additional local directory and file selection controls to web administration
- Added public share editing to web administration
- Added same report generation controls present on the desktop to web administration
- Added additional advanced options to web administration
- Fixed CSV export and import for PBKDF2 HMAC SHA256 and PBKDF2 HMAC SHA512 hashed passwords by adding iteration count
- HTTP/S web client uploads now show up in the active transfers list and are tracked in the upload speed meter control
- Minor bug fixes and improvements
- Updated to OpenSSL 1.0.1i to address security vulnerabilities in OpenSSL
- Fixed HTTP/S web client password strength meter bug in IE8
- Disabled accounts and accounts configured to allow only SFTP access with public key authentication will no longer receive password expiring emails
- 3DES encryption cipher is now considered to have 112-bit symmetric strength to better reflect its effective strength
- Disabled users will also register with the "stop authentication if user exists" Policy settings
- Added PBKDF2 HMAC SHA256 and PBKDF2 HMAC SHA256 stretched password hashing algorithms as password storage hash options
- Added ability to select active SSH2 ciphers and HMAC algorithms
- Added SSH2 cipher minimum bit strength display to Summary page
- HTTP/S web client now allows zero-length file uploads
- Fixed a problem with the web client date/time control for IE 8 users
- Added support for generating the correct share link path when connections come in from an HTTPS proxy to a Cerberus HTTP listener
- Reports now track whether a file operation succeeded or failed
- Fixed web client bug for displaying local time that only used the user setting for displaying local time
- Fixed a bug in web client folder uploads for Chrome
- Fixed a bug on web client email selection and address book auto-complete
- Added an option to force all publicly shared files and folders be password protected
- Added more account options for CSV import (unlimited directories, password hashes, additional account parameters)
- Added capability to export user accounts as CSV files
- Added dedicated require password change option for native accounts
- Enhanced the default cipher list for HTTPS web administration to require minimum 128-bit, strong ciphers
- Added option to initiate automatic download of zip file without storing the resulting file on the server for web client zip operations
- Clients can now modify the share until date on their own publicly shared files
- Added web client in-browser editing of simple text-based files
- Updated to OpenSSL 1.0.1h to address security vulnerabilities in OpenSSL
- Added new MAC SSH algorithms hmac-ripemd160 and hmac-ripemd160@openssh.com
- Added DeleteDirectoryFromGroup, AddDirectoryToGroup SOAP API calls
- Renamed AddRoot, DeleteRoot to AddDirectoryToUser, DeleteDirectoryFromUser SOAP API calls
- Added create directory option to AddDirectoryToUser and AddDirectoryToGroup API calls
- Fixed an information disclosure vulnerability for SSH logins. Analysis of the failed login result could allow an attacker to determine whether an account exists. Thanks to Steve Embling, a Pentura Security Researcher, for discovering and reporting this vulnerability.
- Fixed ability to update to a different theme in the web client for LDAP and AD accounts
- Fixed web client file list sorting
- Hide the security question list for AD and LDAP accounts since they can't currently use the password reset feature
- Added password strength/entropy meter to HTTP/S web client account request and change password pages
- Added 3DES back to the list of available SSH ciphers
- Added a cipher list test button and a cipher list box to the Advanced Security dialog
- Changed the ephemeral EC generated to be compatible with IE
- IE8 HTTP/S web client improvements
- New 7.0 Release
- Redesigned HTTP/S web client that's been optimized for both desktop and mobile browsers
- Folder upload through HTTP/S web client with Chrome
- Enhanced web client address book for users
- Web client custom theme support
- Web client search support
- Web client image and video thumbnail viewing
- Redesigned Report Manager
- Added report sorting
- Added multiple web administrators with fine grained access controls
- Publicly shared file links are now included in user statistics reporting
- Added max share duration limit for publicly shared links
- User manager UI improvements
- Event manager UI improvements
- Performance improvements
- Enhanced login reports
- New session file access email report event action
- Email notification of important events like user password expiration and password changes
- Fixed "Disable after X failed login attempts" not working for accounts that were part of a group
- UI will properly reflect password change permissions for a user when that user is a member of a group
- HTTP/S web client will no longer prompt users with the expired password change dialog if they don't have permission to change their password
- Modified HTTP/S cache-control mechanism for user file downloads to ensure no user file caching
- Added sort-by-group to the User Manager's users list
- Do not attempt to shutdown a client-disconnected socket if the connection terminates abnormally
- Updated OpenSSL library to address the recent OpenSSL TLS heartbeat vulnerability referenced by CVE-2014-0160
- Fixed a non-public security vulnerability for authenticated users
- Fixed an HTTP/S web client session timeout during long file uploads
- Fixed a bug that could result in a server crash when FTPS connections timed-out
- Closed user accounts no longer copy last login times from cloned account
- Significantly increased the HTTP/S buffer size for sending files
- Increased the default socket send/receive size and made it configurable
- Updated to OpenSSL 1.0.1f
- Workaround for mobile Safari video upload bug in web client
- Added a Public Share page to the User Manager to allow revoking and monitoring user public shares
- Added an option to specify which SMTP server public file sharing should use
- Added an option to always use the SMTP server authentication email address for all public sharing emails
- Automatically reset max connections and re-enable listeners when an expired trial is licensed
- Report Manager can now handle queries on just a date from or date to. Previously could only handle date range, or no date.
- Added password last changed date to the Login report in the Report Manager
- Fixed a problem with filenames with spaces getting truncated in Firefox when using the download button in the web client
- Statistics reports and public file sharing emails now report byte sizes in more human readable formats
- Added AES CTR ciphers for SSH2
- Added an option to change the root system logger level from the UI
- Added an option on the policy page to force always using the UPN name for AD user home directory names
- Event system performance improvements
- Fixed an event variable email substitution bug that resulted in email to names and emails not being scanned for variables
- Added a new backup server synchronization manager
- Added auto-complete for AD user and Cerberus group selection in the web admin AD and LDAP pages
- Added ability to create AD group to Cerberus group mappings in the web admin AD page
- Updated the event manager with a dedicated button and dialog for adding new rules
- Added a backup server synchronized event rule
- Added "does not contain" as an operation for rule filters
- Updated web administration with limited event rule editing
- Added online help links to almost all dialogs
- New fault tolerance features for ensuring XML configuration files will never be left in a partially written state because of an application failure
- Fixed a bug that resulted in failed public key authentication in some instances when a user was a member of a group that used public key authentication
- Minor UI bug fixes and improvements
- Added address book for HTTP/S web client users
- Added public folder sharing through the HTTP/S web client
- Public file sharing emails can now have multiple recipients
- Optimized HTTP/S web client by reducing script and image files
- Fixed: Zip archives do not properly handle file names with non-ASCII characters
- Added log threshold to Syslog logger
- Enhancements to MDTM path checking to more accurately detect getting or setting mode
- Enhancements to email notification
- Event manager usability improvements
- Changed the default SOAP/HTTP web administration port to 10001 for new installations
- Ensure most recent settings are saved to disk before a backup
- Additional database setup error detection
- Enhancements to SFTP rename/move to allow renames/moves across volumes, handle very large file paths, and to support overwrite renames
- Added full UPN support for AD authentication
- Added password changing for LDAP users
- Added an account disable option for users that haven't logged in within a certain number of days
- Added a %USER% variable that can be used in virtual directory names and paths for users and groups
- Added an option to automatically create directories when approving a new account request
- Improved logic for detecting whether the data connection was gracefully closed at the end of an FTP STOR command
- Added a timer to ensure HTTP/S sessions are cleaned up and closed when they timeout
- Added support for the X-Frame-Options DENY header for HTTP/S web client page responses
- Added an advanced option to allow setting the temporary folder used for HTTP/S web client uploads
- Added an advanced option to specify the default share time (in hours) for publicly shared files
- Added an option to allow user to specify a password for publicly shared files
- Added two events for when a public file is shared, and when a public file is downloaded
- Added bytes transferred information to the log for files uploaded and downloaded
- Added tracking information to see when a public file is downloaded
- Fixed a bug that could result in an error for valid LDAP search filters
- Fixed an HTTP/S web client upload bug for uploading to non-ASCII directory paths
- Newly created Microsoft databases will now store Unicode text properly for statistics and reporting
- Added a note field for IP access items in the IP Manager
- Added username to all FTP/S and SSH SFTP client command log messages to match HTTP/S auditing
- Improved CSV importing, including support for CSVs exported from third party servers
- Improved auto-updater to allow more selective auto-updating
- Cleaner web administration pages and additional error checking
- Added ability to change several new settings through web administration
- Added a local file and directory selector for file path settings in web administration
- Fixed an issue where the FTP MLST command would fail on files on a network share
- Fixed a bug related to how auto-blocking works with whitelist mode
- Fixed telephone number wasn't included with account request notification
- Fixed email server selection for account approval in the web client was ignored
- Fixed setting for modifying hidden directory attribute on virtual directories would not save
- Added HTTP POST event target configuration capability to web admin
- Added public sharing as a permission option for virtual directories in the web admin
- Fixed inconsistent virtual directory permission selection behavior in the web admin
- Improvements to adding and removing LDAP and AD configurations in the web admin
- Fixed "Password Never Expires" setting ignored when adding new accounts
- CSV import now supports setting max logins, max upload filesize, and initial directory for a new user account
- Upgraded FIPS OpenSSL to 1.0.1 with TLS 1.1 and TLS 1.2 support
- Added advanced statistics collection and a new Report Manager
- Added public file sharing to the web client
- Updated web client upload control
- Users and groups can now have whitelist IP ranges
- AD groups can now be mapped to Cerberus groups for assigning virtual directories
- Configurable timeout support for HTTP/S web client sessions
- Zip and unzip file operation actions for event actions
- HTTP POST operation event action to allow posting event information to a URL
- More variables for events
- Added variable substitution to event email recipient name and email address fields
- Added ability to customize email subjects on event emails, including variable substitution in subjects
- Added ability to set disable after time for users and groups through web administration
- Updated, easier to use AD and LDAP admin pages
- Access to advanced security settings from the Settings page
- Access AD and LDAP user attributes like name and email address for events