Release Notes

The release notes for every official version of Cerberus FTP Server. If you need any help setting up Cerberus FTP Server you can browse our online support resources.

Version 6.0 Release Notes Hide show hide icon
Version Official release notes --
  • Fixed "Disable after X failed login attempts" not working for accounts that were part of a group
  • UI will properly reflect password change permissions for a user when that user is a member of a group
  • HTTP/S web client will no longer prompt users with the expired password change dialog if they don't have permission to change their password
  • Modified HTTP/S cache-control mechanism for user file downloads to ensure no user file caching
  • Added sort-by-group to the User Manager's users list
  • Do not attempt to shutdown a client-disconnected socket if the connection terminates abnormally
  • Updated OpenSSL library to address the recent OpenSSL TLS heartbeat vulnerability referenced by CVE-2014-0160
Version 6.0.7 Official release notes --
  • Fixed a non-public security vulnerability that could allow authenticated users to gain access to unathorized files on the server machine through the HTTP/S web client
  • Fixed an HTTP/S web client session timeout during long file uploads
  • Fixed a bug that could result in a server crash when FTPS connections timed-out
  • Cloned user accounts no longer copy last login times from cloned account
  • Significantly increased the HTTP/S buffer size for sending files
  • Increased the default socket send/receive size and made it configurable
Version Official release notes --
  • Fixed several memory leaks
Version Official release notes --
  • Updated to OpenSSL 1.0.1f
  • Workaround for mobile Safari video upload bug in web client
Version Official release notes --
  • Added a parent directory event variable for file transfer events
  • Event Manager rules sorting added to Rules page
  • Event Manager condition selection now populates the editing boxes
  • Event Manager Add/Edit event button on the Rules page now selects the highlighted event on the Edit page
  • Logging package update
  • Minor bug fixes
Version Official release notes --
  • Fixed a bug could result in a UI crash when approving an account with email notification enabled
  • Fixed a bug in event regular expression evaluation that could result in a match for invalid regular expressions
Version Official release notes --
  • Fixed a bug that could allow an SFTP file transfer ended event to be sent before the file handle closed
  • SMTP STARTTLS fix for some servers that require a new EHLO after the connection is upgraded to encryption
  • Account requests now include the request date
  • Fixed a bug that could result in the synchronization manager not recognizing unique license keys on other machines
Version Official release notes --
  • Fix for Active Directory names with special characters
  • Fix for MLST FTP command for directory listings
  • Improved FTP RETR error message for when a file does not exist, cannot be accessed, or is actually a directory
Version Official release notes --
  • Added a Public Share page to the User Manager to allow revoking and monitoring user public shares
  • Added an option to specify which SMTP server public file sharing should use
  • Added an option to always use the SMTP server authentication email address for all public sharing emails
  • Automatically reset max connections and re-enable listeners when an expired trial is licensed
  • Report Manager can now handle queries on just a date from or date to. Previously could only handle date range, or no date.
  • Added password last changed date to the Login report in the Report Manager
  • Fixed a problem with filenames with spaces getting truncated in Firefox when using the download button in the web client
  • Statistics reports and public file sharing emails now report byte sizes in more human readable formats
Version Official release notes --
  • Added AES CTR ciphers for SSH2
  • Added an option to change the root system logger level from the UI
  • Added an option on the policy page to force always using the UPN name for AD user home directory names
  • Event system performance improvements
  • Fixed an event variable email substitution bug that resulted in email to names and emails not being scanned for variables
Version Official release notes --
  • Changes to allow AD authentication against read-only domain controllers for perimeter network deployments
  • Fixed a bug that resulted in displaying only the first 25 AD or LDAP accounts in the GUI, even when Show All Accounts was checked
  • Fixed a bug in the HTTP/S web client that would result in javascript errors when a user had no virtual directories assigned to their account
Version Official release notes --
  • Added a new backup server synchronization manager
  • Added auto-complete for AD user and Cerberus group selection in the web admin AD and LDAP pages
  • Added ability to create AD group to Cerberus group mappings in the web admin AD page
  • Updated the event manager with a dedicated button and dialog for adding new rules
  • Added a backup server synchronized event rule
  • Added "does not contain" as an operation for rule filters
  • Updated web administration with limited event rule editing
  • Added online help links to almost all dialogs
  • New fault tolerance features for ensuring XML configuration files will never be left in a partially written state because of an application failure
  • Fixed a bug that resulted in failed public key authentication in some instances when a user was a member of a group that used public key authentication
  • Minor UI bug fixes and improvements
Version Official release notes --
  • Added auto-create directory paths with %USER% variable option in the Policy page
  • Added an "is a directory" variable to file rename, move, and delete events
  • Compatibility improvements to the SOAP API DeleteGroup call
  • Improved context help in dialogs
  • Improved AD user search for when AD authentication domain specified is in another forest than the server
  • Fixed a bug where SSL became uninitalized when a new license was applied, or the server was restarted from the file menu
Version Official release notes --
  • Added address book for HTTP/S web client users
  • Added public folder sharing through the HTTP/S web client
  • Public file sharing emails can now have multiple recipients
  • Optimzed HTTP/s web client by reducing script and image files
  • Fixed zip archives do not properly handle file names with non-ASCII characters
  • Added log threshold to Syslog logger
  • Enhancements to MDTM path checking to more accurately detect getting or setting mode
  • Enhancements to email notification
  • Event manager usability improvements
  • Changed the default SOAP/HTTP web administration port to 10001 for new installations
  • Ensure most recent settings are saved to disk before a backup
  • Additional database setup error detection
  • Enhancements to SFTP rename/move to allow renames/moves across volumes, handle very large file paths, and to support overwrite renames
Version Official release notes --
  • Added full UPN support for AD authentication
  • Added password changing for LDAP users
  • Added an account disable option for users that haven't logged in within a certain number of days
  • Added a %USER% variable that can be used in virtual directory names and paths for users and groups
  • Added an option to automatically create directories when approving a new account request
  • Improved logic for detecting whether the data connection was gracefully closed at the end of an FTP STOR command
  • Added a timer to ensure HTTP/S sessions are cleaned up and closed when they timeout
  • Added support for the X-Frame-Options DENY header for HTTP/S web client page responses
  • Added an advanced option to allow setting the temporary folder used for HTTP/S web client uploads
  • Added an advanced option to specify the default share time (in hours) for publicly shared files
  • Added an option to allow user to specify a password for publicly shared files
  • Added two events for when a public file is shared, and when a public file is downloaded
  • Added bytes transferred information to the log for files uploaded and downloaded
  • Added tracking information to see when a public file is downloaded
  • Fixed a bug that could result in an error for valid LDAP search filters
  • Fixed an HTTP/S web client upload bug for uploading to non-ASCII directory paths
  • Newly created Microsoft databases will now store Unicode text properly for statistics and reporting
Version Official release notes --
  • Added a note field for IP access items in the IP Manager
  • Added username to all FTP/S and SSH SFTP client command log messages to match HTTP/S auditing
  • Improved CSV importing, including support for CSVs exported from third party servers
  • Improved auto-updater to allow more selective auto-updating
  • Cleaner web administration pages and additional error checking
  • Added ability to change several new settings through web administration
  • Added a local file and directory selector for file path settings in web administration
  • Fixed an issue where the FTP MLST command would fail on files on a network share
  • Fixed a bug related to how auto-blocking works with whitelist mode
Version Official release notes --
  • Fixed telephone number wasn't included with account request notification
  • Fixed email server selection for account approval in the web client was ignored
  • Fixed setting for modifying hidden directory attribute on virtual directories would not save
  • Added HTTP POST event target configuration capability to web admin
  • Added public sharing as a permission option for virtual directories in the web admin
  • Fixed inconsistent virtual directory permission selection behavior in the web admin
  • Improvements to adding and removing LDAP and AD configurations in the web admin
  • Fixed "Password Never Expires" setting ignored when adding new accounts
  • CSV import now supports setting max logins, max upload filesize, and initial directory for a new user account
Version Official release notes --
  • Numerous bug fixes
  • Update the SOAP API
Version 6.0 Official release notes --
  • Upgraded FIPS OpenSSL to 1.0.1 with TLS 1.1 and TLS 1.2 support
  • Added advanced statistics collection and a new Report Manager
  • Added public file sharing to the web client
  • Updated web client upload control
  • Users and groups can now have whitelist IP ranges
  • AD groups can now be mapped to Cerberus groups for assigning virtual directories
  • Configurable timeout support for HTTP/S web client sessions
  • Zip and unzip file operation actions for event actions
  • HTTP POST operation event action to allow posting event information to a URL
  • More variables for events
  • Added variable substitution to event email recipient name and email address fields
  • Added ability to customize email subjects on event emails, including variable substitution in subjects
  • Added ability to set disable after time for users and groups through web administration
  • Updated, easier to use AD and LDAP admin pages
  • Access to advanced security settings from the Settings page
  • Access AD and LDAP user attributes like name and email address for events
Version 5.0 Release Notes Show show hide icon
Version 4.0 Release Notes Show show hide icon
Version 3.0 Release Notes Show
Version 2.50 Release Notes Show
Version 2.4 BETA Notes Show
Version 2.3 Release Notes Show
Version 2.2 Release Notes Show
Version 2.1 Release Notes Show
Version 2.0 Release Notes Show
Version 1.0 Release Notes Show