FileZilla Pro Enterprise Server Version History

1.8.6 (2024-03-21)

Bugfixes and minor changes:

  • SFTP: Fixed a bug that would prevent using host keys in PEM format

1.8.5 (2024-03-20)

Bugfixes and minor changes:

  • SFTP: Fixed a crash processing unexpected packets

1.8.4 (2024-02-23)

New features:

  • SFTP: Added option to allow using the insecure ssh-rsa host key signature algorithm during key exchange which was removed in 1.8.0

1.8.3 (2024-02-22)

Bugfixes and minor changes:

  • SFTP: Fixed a regression that made it impossible to remove invalid host keys using the Administration Interface
  • FTP: Fixed potential crash if the session gets closed

1.8.2 (2024-01-27)

Bugfixes and minor changes:

  • Fixed a crash if debug logging is enabled

1.8.1 (2024-01-26)

New features:

  • Limits to the number of active sessions defined for the groups now apply to the group as a whole, not just to the individual users belonging to those groups.

Bugfixes and minor changes:

  • Fixed bug that led to timeouts not being set at startup, but only when changing the configuration.
  • SFTP: Quit the session right away if an unsupported shell/subsystem is requested
  • FTP Server: NLST would report a file names with a leading ./ path in certain cases, which confused some clients. Fixed.
  • UI: Fixed bug that caused the Administration Interface to misinterpret native paths in the mount lists in case the server were running on a machine with different path semantics than the Administration Interface’s one.
  • UI: fixed regression that led to some message dialogs not being displayed.
  • UI: in the public keys editor pane, do not activate the remove button if no key is selected and do not allow to add duplicated keys to the list.
  • Fixed regression that caused disabled mount points with empty native paths to be discarded.
  • Fixed conversion to utf8 of virtual paths, which was wrongly misinterpreting some native encodings.
  • In case of login failure, the login timeout resumes counting down for the remaining time.

1.8.0 (2023-12-13)

Bugfixes and minor changes:

  • The autoban feature no longer bans clients with correct credentials that cannot log in due to exeeded connection limits
  • Report correct timestamps of mount points in directory listings
  • Fixed regression introduced in 1.8.0-rc1 resulting in “Do not require authentication” not working

1.8.0-rc2 (2023-11-16)

Critical bugfix:

  • TFixed regression related to path handling
  • Fixed off-by-one buffer overflow in handling of IPV6 addresses

New features:

  • Admin UI: sessions IPs and user names can now be independently copied into the clipboard
  • Added option to disable the automatic renewal of Let’s Encrypt certificates
  • SFTP: if all public keys for a user are removed and public key is their only auth method, prompt the user for confirmation
  • MSW SFTP: setting file permissions is an unsupported operation, but the error can be optionally disabed from the Admin UI

Bugfixes and minor changes:

  • Fixed bug in the updater that caused it to report new beta releases even if explictly told not to
  • User-provided certificates are now tested before being applied, so that the server always stays in a functioning state
  • Fixed potential issues in the impersonator process

1.8.0-rc1 (2023-09-04)

New features:

  • SFTP: multiple host keys can now be associated to a single user
  • SFTP: support for PKCS#1 (RSA), PKCS#8 and Putty v2 and v3 (ppk) host key formats has been added
  • SFTP: updated the underlying framework to the latest stable version
  • The number of open files, directories and sessions can now be limited, both on a group and user basis. The functionality is accessible via the “Limits” tab in the groups and users configuration panes
  • UI: private and public host keys can now be exported to file or copied to the clipboard
  • Implemented a new syntax for the placeholders to be used in the mount list native paths.”:u” becomes “%” and “:h” becomes “%“. Usage documentation has been added within the Administration Interface and can be accessed from a link below the mount table editor
  • Admin UI is now built against wxWidgets 3.2

Bugfixes and minor changes:

  • More explanatory logging in case of errors when reloading the configuration
  • UI: fixed bug that made it impossible to switch the type of a listener from FTP to SFTP
  • UI: the registration dialog can’t be interacted with any longer while the registration is in progress
  • SFTP: session termination in response to a client EOF now attempts a “gentle” shutdown before closing the socket, which makes some client not complain any longer
  • SFTP: fixed log message in case a client requested a SSH subsystem other than SFTP
  • MSW: Installer fixes for silent installation
  • 1.7.3 (2023-09-11)

    Bugfixes and minor changes:

    • Fixed a security vulnerability introduced in 1.7.0-rc1, update urgently recommended.

    1.7.2 (2023-06-07)

    Bugfixes and minor changes:

    • Fixed handling of the “processing” order status when creating Let’s Encrypt certificates
    • Fixed an issue with sessions getting kicked if settings were applied
    • SFTP: Fixed loading of host keys created in older versions due to a format change

    1.7.1 (2023-05-26)

    Bugfixes and minor changes:

    • UI: Fixed session list rendering issues on Windows
    • Banning an IP now also automatically kicks sessions with that IP
    • SFTP: On initial setup, both ECDSA and RSA host keys are now generated.
    • SFTP: Improved logging of authentication methods

    1.7.0 (2023-05-10)

    Bugfixes and minor changes:

    • Additional updater improvements
    • Validate passive mode port ranges, it is now an error if the range overlaps any of the regular listeners
    • SFTP: Disabled DH_GROUP1_SHA1

    1.7.0-rc2 (2023-04-28)

    Bugfixes and minor changes:

    • Small updater improvements
    • Print error message in log if hostname lookup fails while preparing data connection for passive mode
    • Fixes for login request throttler

    1.7.0-rc1 (2023-04-24)

    New features:

    • Implemented automatic checking of the availability of new releases, configurable via Configuration dialog in the Administration Interface

    Bugfixes and minor changes:

    • SFTP: fixed an issue that caused the server to disconnect from the client on partial reads
    • SFTP: correctly report to the client that multiple channels are not supported, rather than abruptly disconnect
    • The log file now contains the flavour and version number at the top
    • UI: the listeners are now easier to edit and navigate through

    1.6.7 (2023-02-20)

    Bugfixes and minor changes:

    • Fixed logging level in the Administration Interface settings dialog initially always showing Debug
    • Fixed a crash due to missing synchronization when adding authentication workers
    • Updated to GnuTLS 3.8.0
    • SFTP: Single authentication attemps with the NONE method no longer count against the autoban limit if they are followed by a different method

    1.6.6 (2023-02-01)

    Bugfixes and minor changes:

    • Fixed crash if throttled authentications were cancelled
    • Writing registration requests to an already existing file did not clear previous contents of the file
    • Offline registration workflow now checks that either key, or ordernumber and email have been provided.

    1.6.5 (2023-01-22)

    Bugfixes and minor changes:

    • SFTP: fixed remaining issues with error code reporting in case of filesystem errors, which caused an abrupt session termination.
    • Fixed a regression with the RNFR command

    1.6.4 (2023-01-18)

    Bugfixes and minor changes:

    • Fixed a deadlock if sessions destroyed during ongoing authentication
    • Fixed issues with the ABOR command
    • Fixed a crash in the converter for old 0.9.x configurations

    1.6.3 (2022-12-13)

    Bugfixes and minor changes:

    • SFTP: Remove trailing null from host key algorithm list that was confusing some clients

    1.6.2 (2022-12-08)

    Bugfixes and minor changes:

    • Fixed an issue with registration

    1.6.1 (2022-12-07)

    Bugfixes and minor changes:

    • MSW: Fixed an installation issue due to a service handle not being closed

    1.6.0 (2022-12-06)

    New features:

    • UI: it’s now possible to upload TLS certificates to the server directly from the UI, using a specific selector in the Security page of the protocols configuration.
    • UI: the maximum amount of characters in all text controls has been limited to a sensible number, so to avoid potential crashes or stalls in corner cases.

    Bugfixes and minor changes:

    • Fixed potential issues with locking of mutexes in the administration protocol
    • MSW: the installer now works properly also if the uninstaller from a previous installation has been deleted.
    • Fixed an issue in the networking code when dealing with TLS close_notify alerts.

    1.6.0-rc1 (2022-11-28)

    New features:

    • MSW: the installer now offers to keep the existing service configuration of a previously installed FileZilla Server whose release must be above or equal to 1.6.0.
    • UI: the main window position and size is now remembered across different runs.
    • UI: the server configuration can now be exported to a file and imported into another server. It is possible to select the specific parts of the configuration that are to be exported or imported.
    • UI: double-clicking on a item in the session list will pop up a dialog with security information about the session. The functionality can be also accessed via the context menu.
    • UI: file dialogs now remember the last used folder

    Bugfixes and minor changes:

    • UI: users’ group names are now sorted, with the active ones up in the list
    • UI: Clearly show when a session transfer is stalled
    • UI: it is now possible to cut/copy/paste numbers in the specific controls.
    • UI: Fixed various incoherencies in the state of the interface
    • UI: it is no longer possible to have the administration listeners conflict with the file transfer protocols servers listeners. In case of pre-existing conflicts in the configuration file, the administration listeners take precedence, so that it is still possible to change the FileZilla Server’s configuration.
    • UI: in some corner cases concurrently opening dialogs could cause instabilities. These dialogs are now queued up and opened sequentially.
    • UI: fixed crash that could happen when selecting a public key for a user
    • *nix: fixed dependencies in the Debian installer
    • *nix: fixed installation directory of the icons
    • SFTP: private/public key pair authentication can now be used together with password authentication and/or OTP-based 2FA.
    • SFTP: fixed issue that caused large files transfer to be interrupted, due to packets being mishandled during rekeying.
    • SFTP: the server now support multiple host keys, which can either be self-generated through the UI or installed as plain files on the server itself.
    • SFTP: RSA keys up to 8KiB can now be used.
    • SFTP: it’s now more precise on the reason a file was not successfully opened, avoiding abrupt session termination because of a misused SSH_FX_FAILURE return code.
    • SFTP: file truncation now works. Appending still doesn’t, nor does opening a file in read+write mode.
    • SFTP: fixed support for large files

    1.5.3 (2022-08-11)

    Bugfixes and minor changes:

    • SFTP: Reduced per-session memory reservation
    • Fixed a crash on network errors while renewing Let’s Encrypt certificates
    • MSW: Communication with the impersonator child process no longer stalls or fails under heavy load
    • User-specific impersonation is now working again

    1.5.2 (2022-08-19)

    Bugfixes and minor changes:

    • SFTP: Fix display of large sizes in longname
    • SFTP: Display faux-permissions for clients that cannot handle attributes without SSH_FILEXFER_ATTR_PERMISSIONS

    1.5.1 (2022-07-29)

    Bugfixes and minor changes:

    • Fixed a crash if a session is closed and the data connection receives a connection error at the same time
    • MSW: The notification area icon now displays again in all display scale factors
    • Admin UI: Fixed switching from “Use system credentials to log in” to “Require a password to log in” not applying

    1.5.0 (2022-07-20)

    Bugfixes and minor changes:

    • Admin UI: Connection dialog did not remember the last used port if there are multiple saved entries for the same hostname with different ports

    1.5.0-rc1 (2022-07-12)

    New features:

    • Server: Implemented throttling of login attempts in case of too many failed attempts.
    • Server: The version number in the welcome message can now be manually suppressed by setting the “has_version” attribute of the message field in the configuration file to “false”.
    • MSW: If the service is running under the SYSTEM account, configuration files are now placed under %PROGRAMDATA%\filezilla-server. This is to workaround the issue that when doing a Windows Update the settings could be wiped out. Settings still residing under %LOCALAPPDATA%\filezilla-server are automatically migrated.
    • Communication with the impersonator child process is now asynchronous
    • Admin UI: The password fields in the configuration dialog now shows a hint to inform the user about how to keep the existing password

    Bugfixes and minor changes:

    • Admin UI: Fixed a crash in listener editor
    • Admin UI (macOS): Implemented workarounds for some wxWidgets glitches and malfunctions.
    • Admin UI: The system_user’s name cannot be edited anymore (rightly so)
    • Configuration data that cannot be serialized now prevents an incomplete output file from being written to disk
    • Sudden deaths of the impersonator process no longer cause unintended behavior
    • Fixed server crashes due to unexpected socket events in some corner cases
    • MSW: Due to a toolchain issue, programs making use of thread-local variables would crash on exit. Implemented a workaround, until it gets addressed by future MinGW toolchains
    • The number of possible worker threads has been reduced to a maximum of 256
    • FTP Server: The NLST command now reports paths compliant with RFC 1123
    • When using the command line parameter –config-version-check ignore, the expected version is now written to the settings files if a mismatch is detected
    • *nix: Logo icons are no longer embedded in the executables, they are instead installed to the proper system paths
    • *nix: Added a filezilla-server-gui.desktop file, so that the Admin UI can easily be opened by desktop environments
    • Maximum number of log file rotations has been reduced to a more sensible amount and the rotation algorithm has been changed to be more efficient

    1.4.1 (2022-05-06)

    Bugfixes and minor changes:

    • Admin UI: Fixed a crash on the listener page
    • Admin UI: Improved workflow for changing user passwords
    • MSW: Fixed an issue with the converter for configurations from FileZilla Server 0.9.x

    1.4.0 (2022-04-29)

    Bugfixes and minor changes:

    • Debian: by default the service is now configured to exclude headers from log lines, since journald outputs its own headers already.
    • Mac: fixed regression that made the installed service not startable
    • Admin UI: changed wording in the logging settings
    • Admin UI: made default connection values correct, in case the settings file is missing.
    • MSW: fixed various bug in the ExecDos plugin, that could cause the admin password not to be set properly.
    • MSW: non-ASCII admin passwords can now be properly used.
    • MSW: fixed a bug in libfilezilla that caused an unexpected failure when creating directories with restricted access. It had effects on the ACME account creation.

    1.4.0-rc1 (2022-04-20)

    Critical bugfix

    • MSW: the installer doesn’t rely on the PATH environment variable to find the tools it needs, but refers to them absolutely, to avoid hijacking.

    New features:

    • The size of the TCP buffer sizes on the sockets used for data transfers can now be specified
    • Configuration files are now tagged with a “flavour” and a version number. The Server will refuse to load configuration files with a different flavour than its own or with a version higher than its own. The server’s option –config-version-check can be used to control this functionality: if specified, the server checks the versioning, performs the required action and then exit, unless its action is ‘ignore’. If the action is ‘error’, it just checks whether the versions are ok. If the action is ‘backup’, then a backup of the files is made if the versions are not ok. The parameter –config-version-check-result-file is used to specify a file in which the result of the version check has to be put. If the file contains ‘ok’, then everything went file. If the file contains ‘error’, then there was an error. If the file contains ‘backup’, then a backup was made. The installer makes use of this functionality.
    • Admin UI: the selected log entries can now be copied to the clipboard, in CSV, HTML and plaintext formats through the context menu
    • Admin UI: the settings dialog layout has been changed to accomodate for future other protocol settings, factoring out the settings that are common to all protocols.
    • Admin UI: adjusted borders and spacing to look better on HiDPI displays.
    • Admin UI: preserve the fingerprints of the previously connected servers. The connection dialog gives hints when inputing the host and port.
    • Log files can optionally be rotated daily instead of by size
    • Added option to specify a default user to impersonate if a user logs in with an account that does not use impersonation

    Bugfixes and minor changes:

    • MSW: The installer not detects and rejects 32bit Windows
    • MSW, Admin UI: No more double error message when a validation error occurs
    • Admin UI: Solved a crash and fixed other bugs related to minimzing the main window to the notification area
    • Server: –write-config option now also updates the users and groups configuration files
    • Server: the log contains more detailed info about which configuration files have been saved
    • Admin UI: the controller used for editing numbers now correctly accepts negative integers
    • The network config wizard’s text has been updated to be more explanatory and intuitive
    • Self signed certificates don’t require a 2nd level domain anymore
    • Admin UI: the system user is now always at the top
    • Admin UI: more meaningful message if the password is empty
    • Admin UI: message dialogs now always have a reference to the top window
    • FTP: QUIT needs to respond with 221, not 200
    • Bug fixes to the internal HTTP library
    • MSW: the installer now correctly displays the progress bar in all cases
    • Fixed a confusing error message in some situations if trying to list non-existing directories
    • Admin UI: fixed regression that caused the progress bar not to show on downloads from the server.

    1.3.0 (2022-02-14)

    New features:

    • Configuration wizard to setup passive mode
    • Linux: Warn if sysctl knob kernel.yama.ptrace_scope is 0
    • Linux: Refuse to run if sysctl knob fs.protected_hardlinks is 0

    Bugfixes and minor changes:

    • Admin UI: Rejecting a certificate fingerprint prompt no longer triggers automatic reconnects

    1.3.0-rc1 (2022-02-03)

    Critical bugfix

    • The internal tool filezilla-server-crypt now accepts the password from stdin, not anymore as a parameter, to avoid password leaking.
    • Mountpoints are now impossible to rename or delete.

    New features:

    • The configuration files can now be reloaded without shutting down the service first. To make it work, send the SIGHUP signal to the service process on nix, send the paramchange control message to the service on Windows (i.e. ‘sc control filezilla-server paramchange’).
    • The UI now automatically attempts to reconnect to the server if the connection is lost
    • MSW: users are now case-insensitive
    • Mac: created an installer
    • Display the administration TLS certificate fingerprints at installation time, so that they can be taken note of.
      Negotiate custom ALPN with FileZilla Client, this allows saving a few round-trips during connection establishment

    Bugfixes and minor changes:

    • Warn if no administration password has been given during installation.
    • In TVFS, fixed implicit root “/” not being accessible, trac #12617.
    • In TVFS, an implicit mountpoint whose parent is non-recursive is now able to be listed and cwd’d into.
      Solved off-by-one bug in path normalization.
    • Reported filesystem errors are permanent, hence use 5yz error codes rather than 4yz error codes in command replies.
    • Permissions are now correctly updated in the UI when the current selected user changes.
    • Fixed regressions in the UI related to the TLS certificates generation.
    • MSW: the installer now correctly support the /D parameter, used to define a different default installation directory from the command line.
    • Debian: the installer now asks for an administration password.
    • Errors during ACME certificates generation are now properly displayed in the UI.

    1.2.0 (2021-12-23)

    Bugfixes and minor changes:

    • Small usability changes to setting up Let’s Encrypt certificates

    1.2.0-rc1 (2021-12-18)

    New features:

    • Created Debian and macOS packages
    • Introduced more finegrained access controls for the mountpoints

    Bugfixes and minor changes:

    • MSW: Disallow files and directories ending on space or dot
    • If a user gets disabled, corresponding sessions are now kicked
    • Let’s Encrypt certificates are now only renewed if in use.
    • The UI now lets you edit users info even if they’re disabled.
    • Fixed support for UNC pathames on Windows
    • Fixed a few regressions
    • Autoban now shares state across login sessions, which makes it work as intended.
    • The UI now clearly shows in the log whenever it has connected with the FileZilla FTP server.

    1.1.0 (2021-10-29)

    Critical bugfix

    • MSW: Fixed directory traversal vulnerability

    Bugfixes and minor changes:

    • MSW: Fixed installer getting stuck if not installing all components
    • MSW: Instlaller enables minidump for executables
    • Fixed CIDR parsing
    • Fixed potential crash if a transfer gets aborted

    1.1.0-beta1 (2021-10-19)

    New features:

    • User impersonation, FileZilla Server can now optionally let users log in using the credentials of system accounts and use their filesystem permissions
    • Added description field to users and groups
    • Added enable checkbox to users
    • Status bar in administration UI now shows connection status

    Bugfixes and minor changes:

    • Logging fixes
    • Fixes to auto-ban logic
    • Fixed crash if changing users during ongoing directory listings

    1.0.1 (2021-09-20)

    New features:

    • Log messages in the administration interface are now colored using the same scheme as FileZilla client’s and automatically scroll down unless the user decides otherwise.

    Bugfixes and minor changes:

    • The Windows installer no longer disrupts logging settings from previous installations
    • Fixed a bug that would cause failed transfers in certain conditions
    • Fixed display of vowels with umlauts and other non-ASCII characters in the groups selection for users in the administration interface
    • Fixed assorted crashes
    • Fixed possible race conditions

    1.0.0 (2021-09-14)

    New features:

    • Support for Let’s Encrypt and other certificate providers using ACME
    • Improved display of log messages in the administration interface

    Bugfixes and minor changes:

    • Changed session ticket/PSK generation when using TLS 1.3, new tickets are now only sent on the control connection
    • Changes to settings such as passive mode ports now affect connected sessions
    • Deleting a user now affects connected sessions logged in as that user
    • Fixed assorted crashes

    1.0.0-rc5 (2021-07-28)

    Bugfixes and minor changes:

    • Fixed passive mode port settings
    • Minimum allowed TLS version is now 1.2, added configuration option to restrict it further to 1.3
    • Fixed progress display during uploads to the server

    1.0.0-rc4 (2021-07-19)

    New features:

    • Admin UI: Added checkbox to connect dialog to automatically connect at start
    • Admin UI: Added menu item to start interface minimized
    • Fixed data from a failed download being prepended to a subsequent download

    Bugfixes and minor changes:

    • Admin UI: Display additional certificate information such as SANs and subject DN.
    • Admin UI: Simplified selection of log levels
    • Onboarding: After first installing the server, it listens on port 21 by default

    1.0.0-rc3 (2021-07-12)

    Bugfixes and minor changes:

    • Changed permissions of created settings and log files and directories, they now also grant Windows’ built-in Administrators group full access. Does not change existing files from previous versions.

    1.0.0-rc2 (2021-07-05)

    Bugfixes and minor changes:

    • Fixed a crash in the converter for old configurations

    1.0.0-rc1 (2021-07-01)

    New features:

    • Initial distribution of the new FileZilla Server

Index: