Release Notes Version 3.1.x

Version 3.1.13 (released 2018-01-09)

• Security: Updated the kernel in response to recent security updates.
• Don't SAML authenticate messages that doesn't require authentication.

Version 3.1.12 (released 2017-12-15)

• Security: Improved Input Validation (as reported by Conny Dahlgren Security researcher at Nixu).
• In the Admin → Data → Messages view, the Popup Message and View message is now the same.

Version 3.1.11 (released 2017-12-09)

• Security: Improved Input Validation.
• Fixed a problem when zip'd shares had truncated folder names in the root folder.
• Fixed a problem where expires at couldn't be set for Filelinks using the JSON API.

Version 3.1.10 (released 2017-11-14)

• Fixed a problem with running the backup task (problem occurred with 3.1.9).

Version 3.1.9 (released 2017-11-06)

• Security: Updated Input Validation

Version 3.1.8 (released 2017-10-31)

• Fixed a double-quotes issue in JSON API responses when sending messages.
• Ensure & is allowed in filenames.
• Display the users last login time with year in Admin → Users.
• When testing disk speed, never use temp files more than 4GB.
• Fixed an issue where One Time Passwords where by-passed on the first login when creating a new account.
• Updated log messages to include better size information.
• Fixed an issue where the share folder page sometimes wouldn't load.
• Updated to a later version of Ruby on Rails.

Version 3.1.7 (released 2017-09-26)

• Fixed a problem where External Users and External Users receive only groups had share write access enabled as default.
• The shares main menu item are now always visible to Admins.
• Fixed a problem where the map wasn't visible in the admin pages.
• Updated AV status check to just check if we have the current AV signatures or not (no network check).
• Increase swap-warning to over 33%, inline with how CentOS 7 performs swapping in normal circumstanses.
• Fixed a problem where deleting attachments wouldn't delete attached filelinks
• Fixed an intermittent problem uploading files to shares.
• Fixed a problem with moving files in shares.
• Increased messages body limit to 4Gb.
• External Users are now permitted in domains where local users have configured recipient limitation.
• Fixed update expires at for links via JSON.

Version 3.1.6 (released 2017-09-07)

• Fixed a problem where Last Login wasn't updated after Duo logins.
• Ensure that OTP friendly name is less than 115 characters.
• Made the OTP signup QR code bigger to support longer names.
• Fixed OTP enrollment for Chrome.
• Added Openstreetmap to CSP.
• Fixed a problem with FTPdir that would delete the root folder.
• Fixed a problem where folders sometimes couldn't be permanently deleted.
• Fixed a problem where old versions of uploaded files sometimes couldn't be restored.
• Fixed a problem that sometimes caused uploads to a share to fail.
• Better validation when creating folders.
• Added ftpdrop and ftpdir validation to ensure expires after are minimum 1.
• Set hostname correctly in F2 Hostconfig.
• Updated kernel, please reboot after installing v3.1.6.

Version 3.1.5 (released 2017-07-25)

• Ensure FTPdrop files are deleted if the upload was unsuccessful.
• Make sure email address validation is not case sensitive.
• Fixed a problem where download URLs could sometimes be re-used.
• Changed Emaildrop and FTPdrop to use sha256.
• Moved post processing of uploaded Share files to the background.
• Export and use the certificate chain from PKCS12 certificate uploads.
• Updated validations.
• Latest version of Ruby on Rails.

Version 3.1.4 (released 2017-06-08)

• Added API functions to Move and Rename File and Folders.
• Fixed a problem with Microsoft Edge browsers.
• Better error handling of invalid JSON, XML and invalid paths.

Version 3.1.3 (released 2017-06-01)

• Fixed a problem with the certificate validation.

Version 3.1.2 (released 2017-05-31)

• Updated SAML certificate validation to include space delimiters and no delimiters as valid certificate fingerprint.
• Fixed a problem with database migration that affected some migrations from v3.0.x.

Version 3.1.1 (released 2017-05-30)

• Updated validations when installing certificates and updating SAML configuration.
• Updated the help page to accurately reflect changes in v3.1.
• Fixed a problem where Share Write Access would get disabled on builtin groups when saved.
• Fixed a problem enabling Let's Encrypt.
• Fixed a problem trashing files in Shares.
• Fixed a problem where updating from v3.0.x would not install properly.

Version 3.1.0 (released 2017-05-23)

• Added Support for One-Time Password (OTP) Two Factor Authentication (Google Authenticator, ...).
• Added Content Security Policy and Configuration
• Added SAML Auth Comparison Configuration.
• Added SAML Autologin Networks (so you can configure internal networks to automatically be sent to your SAML server for authentication).
• Updated SAML config to use SHA-256 Certificate Fingerprint.
• Updated SAML config to use SHA-256 for SAML Signature Algorithm.
• Added Logout URL for Shared Key SSO logins.
• Moved the Request File menu item to the top level menubar.
• Improved the watchdog to capture more Search Index issues.
• Changed from SHA1 to SHA-256 for all internal functions.
• Changed to specify full message ID instead of just the first 8 characters everywhere.
• Added a function to lock LDAP users to a specific group.
• Added a Share Write Access group setting to enable external users with write access.
• Added Move functions for Share Files and Folders.
• Added API call to check what share files and folders have been updated since a given time.
• Added FTP Masquerade configuration (Admin → System → Network).
• Replaced Flash with a JavaScript function to handle copy to clipboard.
• Updated Ruby, Ruby on Rails and Ruby libraries. Updated jQuery and jQuery libraries. Updated Search Engine.