Release Notes Version 3.2.x
Version 3.2.15 (released 2018-12-05)
- Fixed a problem with a recent CentOS security update that caused FTPdrops and FTPdirs to fail when using SFTP/SCP.
- Fixed a problem with SAML authentication for FileLinks that would redirect users incorrectly.
Version 3.2.14 (released 2018-11-01)
- Fixed a problem with the v3.2.13 release where sometimes the search engine would not be restarted properly.
Version 3.2.13 (released 2018-10-30)
- Fixed a problem with readonly users in shares that would not display correct interface options.
- Fixed an issues with URL encoding of zip file names.
- Updates to the builtin watchdog to capture share files that hasn't been av scanned and re-scan them.
- Fixed a race-condition where the watchdog would sometime try to scan files that hadn't been assembled.
- Updated Validations.
Version 3.2.12 (released 2018-10-17)
- Fixed the problem with ClamAV and file scanning.
Version 3.2.11 (released 2018-09-19)
- Fixed User Filedrop with apostrophes in emails.
- Updated kernel to fix security vulnerabilities.
- Updated HTML Editor for editing signatures.
- Don't display expired message popups in the sent view.
- Fixed FileLinks download links with umlauts in filenames.
- Added sent column to inbox.
- Fixed JSON share upload using base64 encoded uploads.
Version 3.2.10 (released 2018-08-14)
- In File Request responses, set the email from address to the File Request recipients from address unless use sender email for all emails is set.
- Added function to block recipient domain and blocked recipient regexp.
- Fixed a problem where recipient regex match would only be applied if limit domains was present.
- Fixed the group -> expire passwords now function.
- Updated html editor, removed the images and video link and updated the sanitizer to permit all other tags.
- Fixed an issue with shares quota calculation.
Version 3.2.9 (released 2018-07-26)
- Only display the configuration menu to admins and higher.
- Only send download read receipts if enabled in groups.
- Brute force protection for OTP, Duo and email validation.
- Ensure ftpdir cleanup work with invalid utf-8 characters.
- Fixed an issue with signup requests that would send two email addresses in the From address.
- Don't do brute force protection for unauthenticated messages.
- Force setting the X-Forwarded-Host header.
- Sanitize the user agent string before it's stored in logs.
Version 3.2.8 (released 2018-07-10)
- Fixed a problem downloading ZIP archives with files > 100MB.
- Fixed the Share Rename and Move file and folder API to match the documentation.
- Display the private message popup below the input field.
- Don't overwrite proxy configuration for freshclam proxy configuration.
- Fixed a problem enabling Lets Encrypt on newly installed systems.
Version 3.2.7 (released 2018-05-30)
- Changed the behaviour when displaying expired messages to always display the same page regardless if the message doesn't exist or has expired.
- Removed weaker encryption from supported TLS ciphers when selecting TLS v1.2 only.
- Added sftp strength configuration for FTPdrops.
- Strengthened the ssh admin encryption
- Fixed an issue where limit networks would validate against the group found in LDAP, not the users actual group, if locked.
- Fixed a problem with the OTP signup
- Added an improved Let's Encrypt validation that can check that the DNS name exist and that incoming http is permitted.
- Fixed a problem where sometimes FTPdrop and Emaildrop ports in the firewall could get removed.
- When using custom port numbers, ensure these port numbers are used when redirecting a user back.
Version 3.2.6 (released 2018-05-02)
- Added Terms of Service function.
- Fixed a problem with displaying blacklisted ip addresses.
- Add header to the email validation page.
- Rescue Locale errors and send an email to the Sysadmins.
- Fixed a problem with HTML4 based uploads.
- Fixed an issue with the search in admin section.
- Fixed an issue when uploading a single large files (instead of uploading the file in pieces) when using the API.
- Removed 3DES from permitted algorithms for SFTP and SCP.
- Permit POST action for SSO login with static password.
- Download all users when downloading a CSV.
- Updated version of Ruby on Rails.
- Various smaller fixes.
Version 3.2.5 (released 2018-03-27)
- Ensure that the email validation links doesn't expire until after the 60 minute timeout.
- Fixed a problem where the `ft` command line sometimes wouldn't work.
- Better handling of API requests with invalid syntax.
Version 3.2.4 (released 2018-03-20)
- Fixed missing translation for messages sent view.
- Fixed a problem where FTPdrop prefill parameters didn't work.
- Fixed an issue with ftpdrop filenames beginning with a dot (.).
Version 3.2.3 (released 2018-03-13)
- Better error messages for the API when messages can't be deleted.
- Re-Added XML support to sent and inbox controller.
- Added group, filedrop urls and file request api info to client info request
Version 3.2.2 (released 2018-03-06)
- Fixed an issue migrating from LiquidFiles v2.6.x.
- Fixed editing the mailtemplate user signup requests.
- Fixed an issue moving folders in shares.
- Ensure ZIP downlod filenames in shares are URL safe.
- Added message_can_change_expiration to the API Client Info Request.
- Fixed an issue using the API call to list the /messages/inbox.
- Fixed an issue uploading certificates using PFX files.
Version 3.2.1 (released 2018-03-01)
- Security: Updated SAML library to fix CVE-2017-11428.
- Added option to remove network limits when adding and resetting an admins from the command line.
Version 3.2.0 (released 2018-02-26)
- Added User Addressbook where users can add individual and groups of email addresses at once.
- Changed the method of using previous email addresses. Now there's a separate table where previous addresses are stored, and a user can delete an address they wish to remove without having to delete messages.
- Added share email notifications.
- Added User Activity View.
- Added Regular Expression Pattern matching for message recipients.
- Added Message Permission Recipients and Domains.
- Added Password protection feature to Filedrops.
- Added Email sender validation to Filedrops.
- Added Private Message feature to Filedrops.
- Added support for FTPdrop sessions - all files uploaded in a single session are processed as one FTPdrop, not individual files.
- Display a users Filedrops, i.e. Filedrops where the user is a listed recipient in the Account settings.
- Added SSH Key authentication to FTPdrops and FTPdirs.
- Overwrite protection for FTPdirs.
- Added a setting to enable/disable traditional unencrypted FTP for FTPdrops and FTPdirs.
- Added File Requests Multi-Use. When enabled a File Request won't expire after a single use.
- Removed the disk speed test as a daily task, it's now available using the `ft disk_speed` command line when required.
- Added System Mail Queue interface.
- Changed the Email rendering to automatically insert Style/CSS tags in each affected tag to make Stylesheets more useable in more email applications.
- Reworked the Email templates including the default styles from the Foundation project.
- Added Password Dictionary validation.
- Updated API for the shares log.
- Added PDF preview in shares.
- Don't try to SAML authenticate messages and links that doesn't require authentication.
- Internal cleanups, route/url changes.
- Changed database character set to UTF8mb4 (4 character UTF8) to enable storing the full UTF8 character set, i.e. Emoticons.
- Fixed a security issue from v3.1.x where a user's API key could be retrieved with a specially crafted API call.
- Updated to later system versions of Ruby, Ruby on Rails, ...
Incompatible API changes between v3.1 and v3.2.
You can trust that within a major release (within 3.0.x and within 3.1.x and so on) there are no changes that breaks anything that uses the API. You can pretty much always also count that between major releases there's almost always something that will break, as the product is constantly improved.
- The /sent URL is now /messages/sent
- The /messages URL is now /messages/inbox
- The Admin Group API use_specified is now can_use_specified
- The Admin Group API use_specified_and_domains is now can_use_specified_and_local
- A lot of client info request changes for consistency. The old requests will be removed in v3.4. Please see the Client Info Request API documentation for more info.