Release Notes Version 4.0.x

Major changes from version 3.7 to version 4.0

• New underlying operating system — Ubuntu Server 22.04 LTS. There was quite a few reasons that made us switch from the previous CentOS/RedHat family of Linux to Ubuntu. In short these included:
  • RedHat moved CentOS from a stable, free alternative to RedHat to essentially a development, unstable version of RedHat.
  • RedHat made changes to its licensing which causes a lot of concerns for the long term viability of alternatives such as Rocky Linux and Alma Linux that attempted to recreate what CentOS used to be.
  • Ubuntu Server is a very stable Linux variant that is used and supported by many players, including being the reference Linux for FIPS certified OpenSSL modules.
  • Ubuntu offers support for their LTS releases for 10 years.
  • Ubuntu has better support for more auxilliary functions and libraries. With CentOS we used to maintain about 10 packages that weren't distributed with CentOS. With Ubuntu the only package we maintain ourselves is Nginx and that's just because we have a couple of our own custom plugins for Nginx that's not publically available.
  • Ubuntu has a Pro license which essentially turns the free version of Ubuntu server into a commercially supported version of Ubuntu server for those that wish to get official server support. Further, the Pro license will enable NIST-certified FIPS crypto-modules and other similar benefits.
  So in a way, RedHat pushed us (and many others) away from their family of Linuxes and for us we landed on Ubuntu. So far we couldn't be happier.
  The annoying thing is that when moving operating system, in order to upgrade from previous versions we have to install a new system and Move the data across from the old to the new system. Luckily this process is well proven as we've moved from OpenBSD (v1.x), to CentOS 6 32bit (v2.x), to CentOS 7 64bit (v3.x) and now to Ubuntu Server 22.04 LTS (v4.x).
• Changed Duo Two-Factor Authentication to Universal Prompt.
• Re-Architected the login session database structure. The actual sessions are now stored in browser cookies meaning database sessions are not created until a user is logged in. This increases performance. This change means that any existing user will be logged out. Further improvements include:
  • Admin → System → User Sessions now holds all logged in sessions, and only logged in sessions. This means it's more transparent what goes on with logged in users.
  • Admin → System → now lists when a users session will expire and why — it will highlight if a logged in user is using Remember me cookies, Session cookies or Secure Token sessions for external users.
  • Admin → System → is also improved showing users location and system information in a better way.
  • Previously it wasn't possible to manually expire an existing Remember Me cookie, now it is.
  • Previously it wasn't possible to manually expire External Users, not it is.
• Added session limitations. By default users are permitted 2 active sessions and you can adjust between 1 and 3 sessions.
• Added Web Based Migration from another system, available during Getting Started.
• Added Web Based Restore from backup, available during Getting Started.
• Added Permission Policy Header — securityheaders.com now gives a default LiquidFiles system an A+ score.
• Sysadmins logging in from /login as opposed to / will not be saml redirected if set as requirement in sysadmin group — this is a fallback if the SAML server is not working (SAML certificate has changed for instance) .
• Update local domains when updating Public Hostname — add the domain of the Public Hostname if it's not already included in the Local Domains.
• Added a file_request_response email template.
• Updated libraries and functions such as Ruby on Rails 7, Ruby 3, Bootstrap 5.3, PostgreSQL 14...

Version 4.0.16 (released 2025-03-04)

• Updated Support Connection configuration.
• Security: Better Sanitizing of uploaded filenames.
• Security: Better validation that actionscripts are only configured to available ActionScripts.
• Security: Disable chmod commands for FTPdirs.
• Fixed the download of Admin ActivityLog Archive.

Version 4.0.15 (released 2024-12-04)

• Security: Improved validation of Emails for Filedrops when Email Validation is enabled.
• Updated libraries.

Version 4.0.14 (released 2024-11-07)

• Should not permit messages without attachments with reply set.
• Show saml configuration if enabled in a non-default domain but not in the default domain.
• Fixed a couple of visual issues in the Message Compose window if the authentication is set to disable on default.
• Fixed a couple of IPv6 issues setting default route and a couple of display issues if IPv4 is set as dhcp.
• Better logging of changes in Admin → System → Network.
• Better validation of licenses with incorrect hostname.

Version 4.0.13 (released 2024-09-23)

• Security: Fixed an issue where message attachment details could be downloaded without authentication.
• Added Logs for SAML Autologin.
• Security: Refactored SAML Logins to not use parameters when redirecting users.
• Added Logs when SSH Keys are added and removed for console access.
• Fixed an issue uploading FTPdrop files with curly brackets in them.
• Better description for X-Forwarded-For not defined errors.
• Better logging for upload errors.
• Valid Cache Expiration Header.
• Improvements in Email Templates.
• Fixed the output when running ft disk_speed.
• Security: Updated libraries and functions, specifically a security issue in ruby-saml.

Version 4.0.12 (released 2024-08-12)

• Fixed an issue where files would not get reassembled properly in some cases.
• Improved Queue worker performance.
• Ensure outgoing proxy server is filled in when enabled.
• Ensure ssh-admin brute force trigger is not reset on restart.
• Fixes an issue where it wasn't possible to use the download API for Share Files.
• UI fixes when deleting files and folders from shares.
• Updated rails, libraries and functions.

Version 4.0.11 (released 2024-06-02)

• Fixed moving users into groups when deleting groups.
• Fixed authorizing users with email aliases with mixed case emails.
• Set Session Timeouts when logging in using SAML.
• Updated input sanitization for filenames.
• Permit '$' in share names for SMB backups.
• Added function to use DNS search domains.
• Run the nightly maintenance at about 2:30AM.
• Fixed an issue with log rotating system files.
• Add system updates from updates.liquidfiles.com.
• Fixed an issue using scp with FTPdrops.
• Updated rails, libraries and functions.

Version 4.0.10 (released 2024-05-28)

• Fixed an issue where GeoIP Lookups wasn't performed in some instances.
• Fixed an issue where auto-update and auto-reboot functions wasn't properly configured in some instances.
• Added a function to set root password during migration and restore.
• Fixed an issue restoring v4.0 backup to a v4.0 system.
• Fixed an issue where Branding Quickstart didn't work from the Admin → Configuration → Branding page.
• Fixed an issue where DHCP configuration sometimes wasn't accurately reflected on the console.
• Updated Nginx and libraries.

Version 4.0.9 (released 2024-05-07)

• Fixed an issue where application.log couldn't be downloaded from the Log Archive.
• Improved automatic disk expansions for data disks.
• Improved data disk creation in cloud environments.
• Fixed an issue where downloading files in shares wasn't logged properly.
• Security: Don't exclude localhost from brute-force detection.
• Updated libraries and functions.

Version 4.0.8 (released 2024-04-03)

• Fixes an issue authenticating with Duo when using Duo aliases.
• Fixes an issue where disks couldn't be expanded in some cases.

Version 4.0.7 (released 2024-03-07)

• Fixes an issue where large SAML responses could lead to a cookie overflow.
• Fixes an issue where Duo responses matched usernames with case sensitive.
• Fix for user filedrop message expiration is more than message max expiration.
• Fixes an issue where Set Manual Time wasn't working.
• Fixes an issue migrating from a v4.x to another v4.x system.
• Fixes an issue where the change data disk function didn't display the disk properly.

Version 4.0.6 (released 2024-02-26)

• Fixes an issue where previous attachments couldn't be used in API clients.

Version 4.0.5 (released 2024-02-22)

• Fixes for disk expansion when using nvme (SSD) disks.
• Fixed an issue where `ft add_admin` didn't work properly.
• Updated Ruby on Rails.

Version 4.0.4 (released 2024-02-21)

• Security: Fixes an issue where Strong Auth Remember would be "remembered" between different users that shared the same browser.
• Fixed an issue where Strong Auth Remember wasn't being set.
• Fixed an issue where PDF Preview wasn't working in shares.
• Fixes an issue with incorrect JSON root parameter with the Share API.
• Fixes a couple issues with the Share Log API.
• Fixes a couple of migration issues (the FTP service wasn't started if FTPdrops/FTPdirs was configured).
• Set the system hostname to the Public Hostname if not previously set.
• Fixed an issue resizing the filesystem from the F2 Setup menu.
• Fixed an issue deleting custom groups.
• Updated Libraries

Version 4.0.3 (released 2024-02-13)

• Fixes an issue where wasn't available in filedrop_message and filedrop_private_message email templates.
• Fixes an issue where it wasn't possible to set LDAP default group to Disable Logins or SAML default group to No default.
• Fixes an issue where system_path wasn't available in User Delivery Actionscripts.
• Fixes a problem where Firefox sometimes would logout users that went from Admin back to User area (sending files).
• Added TLSv1.3 (when configured) to FTPdrops and FTPdirs.
• Fixes an issue setting NTP configuration.
• Fixes an issue using outgoing http proxy from the command line.
• Migration fixes.

Version 4.0.2 (released 2024-02-01)

• Fixes an issue using outgoing http proxy.
• Fixes an issue configuring non standard http and https ports.
• Fixes an issue with SMS Strong Authentications.
• Added better hints for browsers when using SMS Strong Authentication to help autofill One Time Codes.
• Security improvement for external access (retrieving GeoIP data, connecting to Duo, SMS Auth, validating connectivity, ...)

Version 4.0.1 (released 2024-01-25)

• Fixes an issue where it wasn't possible to add a separate data disk.

Version 4.0.0 (released 2024-01-22)

• Initial Release of v4.0.

Incompatibilities and Warnings

These are a few things you need to be aware of when updating to LiquidFiles v4.0.

API Deprecations

XML API

It's no longer possible to use the XML API. The XML API has been deprecated and on it's way out for quite a while, and some functions did still work using XML up until the previous major release. With LiquidFiles v4.0, this has been removed and it's no longer possible to use any XML API functions.

Admin API changes

There's been some slight changes in the formatting in some the JSON response to make them more unified, for instance the Admin/User API. If you're using any Admin API function, please double-check with the indididual documentation that the functions still match what you're expecting.

Previous Attachment Upload API deprecated

Up until v3.6, the /attachments and /attachments/binary_uploads API functions have been global functions for most (all except shares) uploads. This function was deprecated in v3.7 and has been removed in v4.0. The currently supported upload method is to use individual functions such as /message/attachments/upload. Please see the individual API documentation for Message Uploads, Link Uploads, ...

Renamed API functions

In this release several API attributes have been renamed, please make sure to update any API functions you may have that uses any of these. is_local → local, is_sysadmin → sysadmin, is_domain_admin → domain_admin, is_admin → admin, is_user_admin → user_admin, is_pool_admin → pool_admin, use_maps → geoip.