Cerberus FTP Server

[Camel1965]

Cerberus FTP Server 12.7.1​

May 13, 2022

• Fixed: In HTTP/S web client, users cannot navigate into subfolders of public shares

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Camel1965]

Cerberus FTP Server 12.7.2​

May 20, 2022

• Fixed: Cerberus does not interpret FTP NLST command options correctly
• Fixed: On the Connections page, administrators cannot view the full path for Local Files with long file paths

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Camel1965]

Cerberus FTP Server 12.7.3​

May 24, 2022

• Fixed: FTP clients could not change to the root directory
• Fixed: On the login page for Web Administration, username was not HTML escaped

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Camel1965]

Cerberus FTP Server 12.7.4

Changes in Cerberus FTP Server 12.7.4 (2022-06-01):

• Fixed: Security vulnerability introduced in 12.7.0

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Camel1965]

Cerberus FTP Server 12.8.0​

Changes in Cerberus FTP Server 12.8.0 (2022-06-13):​

• New: In addition to blocking file extensions, administrators can now configure Cerberus to only allow specified file extensions
• New: Cerberus now warns when RSA public keys have a weak exponent value
• Fixed: Upgraded to curl 7.83.1 to address CVE-2022-30115, CVE-2022-27782, CVE-2022-27781, CVE-2022-27780, CVE-2022-27779, CVE-2022-27778

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Camel1965]

Cerberus FTP Server 12.9.0​

Changes in Cerberus FTP Server 12.9.0 (2022-07-18):​

• New: In User Manager, administrators can now create, upload, and edit client SSH public keys for users and groups
• Fixed: Event Manager now escapes event variables that are modifiable by users and are used in file paths
• Fixed: Removed logging for anonymous user passwords
• Fixed: When recursive file deletion fails, files are not deleted until Cerberus is restarted
• Fixed: When installing Cerberus, service account validation now displays an error message when an account does not exist
• Fixed: When uninstalling Cerberus, there is now an option to remove or keep the ‘Cerberus’ service account
• Fixed: In Report Manager, Professional and Standard editions show reports that are only available in Enterprise edition
• Fixed: In Report Manager, Professional and Standard editions cannot generate the Server Statistics report
• Fixed: Addressed OpenSSL security vulnerabilities with a patch for CVE-2022-2068
• Fixed: Upgraded to curl 7.84.0 to address CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Camel1965]

Cerberus FTP Server 12.10.0​

Changes in Cerberus FTP Server 12.10.0 (2022-09-12):​

• New: Administrators can now set delete, rename, and list permissions for folders and files independently from one another
• New: Customers with many concurrent client connections should see faster connection acceptance
• Fixed: HTTP/S Admin listeners did not enforce the max connection limit
• Fixed: Updated to the latest version of jQuery UI to address a potential cross-site scripting (XSS) vulnerability
• Fixed: Upgraded to gSOAP 2.8.122

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Camel1965]

Cerberus FTP Server 12.10.1​

September 23, 2022

• Fixed: In IP Manager, Auto Blocking and DoS Protection settings were disabled after a service restart
• Fixed: Cerberus crashes when renaming a file because of a lack of permissions
• Fixed: In Event Manager, Cerberus crashes when a Scheduled Task is set to repeat with a value of ‘0’
• Fixed: Administrators are incorrectly blocked from logging into Web Administration because of the maximum connection limit
• Fixed: Upgraded to the latest version of jQuery Validation to address a vulnerability to regular expression denial of service

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Camel1965]

Cerberus FTP Server 12.11.0​

Changes in Cerberus FTP Server 12.11.0 (2022-11-07):​

• New: Cerberus can now block or allow connections based on the country the connection originates from
• New: Upgraded to OpenSSL to 3.0.7 with TLS 1.3 support
• New: Cerberus supports ChaCha20-Poly1305 cipher suite for TLS 1.3
• New: TLS 1.3 is now enabled by default, TLS 1.0 and TLS 1.1 are no longer enabled by default
• New: Web Client users can now look up their username if they forgot it
• New: When a user with a disabled account requests a password reset, Cerberus will now notify users that their account is disabled
• New: Web Client users can now select to delete all files from their public share once the share has expired
• New: In User Manager, the list of users may now display users’ email address
• New: In User Manager, a native user’s profile now includes the last login IP address
• New: User Manager now allows searching users by their email address
• New: Use HTTPS when connecting to ipstack’s geolocation service if it’s available
• New: SOAP API now allows setting a ‘requirePasswordChange’ option on ChangePassword API call
• Fixed: In HTTP/S web client, PDF preview has been disabled as it can no longer be supported securely
• Fixed: User to Group mappings now also match against the authenticating user’s sAMAccountName
• Fixed: Upgraded to curl 7.86.0 to address CVE-2022-32221, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916
• Fixed: Upgraded to zlib 1.2.13 to address CVE-2022-37434

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Camel1965]

Cerberus FTP Server 12.11.1​

November 16, 2022

• Fixed: When FIPS is enabled, Cerberus cannot validate a new license key
• Fixed: Cerberus crashes when Oracle XML Publisher connects to Cerberus via SFTP and FIPS is enabled
• Fixed: In Server Manager, the administrator was not informed that the Cerberus FTP Server service needs to be restarted after disabling FIPS
• Fixed: The RenameUser SOAP API did not correctly rename users

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Camel1965]

Cerberus FTP Server 12.11.2​

Changes in Cerberus FTP Server 12.11.2 (2022-11-18):​

• Fixed: Geoblocking defaults to allow only mode when it should default to deny only mode
• Fixed: Geolocation fails if auto update checking and public IP autodetection are both disabled
• Fixed: When a native user is disabled or deleted their web sessions are logged off
• Fixed: Upgraded to moment.js 2.29.4 to address CVE-2022-31129

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Camel1965]

Cerberus FTP Server 12.11.3

Changes in Cerberus FTP Server 12.11.3 (2022-11-22):

• New: Enable loading the legacy provider for old PFX files with weak encryption

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Camel1965]

Cerberus FTP Server 12.11.4​

December 1, 2022

• Fixed: Geoblocking blocks connections when geolocation fails in certain situations
• Fixed: SFTP authentication fails intermittently

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Camel1965]

Cerberus FTP Server 12.11.5​

January 19, 2023

• Fixed: Extension allow/deny lists no longer affect renaming folders
• Fixed: Remove registry-related WARNING messages when running Cerberus as an unprivileged user

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Mohammad.Poorya]

Cerberus FTP Server 12.11.6
​

Zaloguj lub Zarejestruj się aby zobaczyć!

Changes in Cerberus FTP Server 12.11.6 (2023-02-17):​

• Fixed: Eliminate “file not found” errors when operating on files and folders in paths longer than 250 characters
• New: Upgraded to OpenSSL to 3.0.8 to address security vulnerabilities CVE-2023-0401, CVE-2023-0286, CVE-2023-0217, CVE-2023-0216, CVE-2023-0215, CVE-2022-4450, CVE-2022-4304, CVE-2022-4203
• Fixed: Upgraded to curl 7.88.0 to address CVE-2023-23914, CVE-2023-23915, CVE-2023-23916
• Fixed: Multibyte user and group names are supported
• Fixed: Upgraded jquery.ui.widget to 1.13.2 to address CVE-2022-31160