Submit a ticketCall us

Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.

 

Home > Success Center > Serv-U Managed File Transfer & Serv-U FTP Server > Serv-U v15.1 Release Notes

Serv-U v15.1 Release Notes

 

Created by Caroline Juszczak, last modified by MindTouch on Jun 23, 2016

Views: 6 Votes: 0 Revisions: 2

Updated June 3, 2014

These release notes provide additional guidance for Serv-U v15.1.

Note

  • Serv-U no longer supports Internet Explorer 7.

New Features and Improvements

Serv-U v15.1 includes the following new features and improvements:

  • Automated file management
    Serv-U can be set up to automatically delete or archive files within specified folders after a configurable number of days.
  • Multiple SSH/SFTP keys per user
    For the purposes of public authentication, Serv-U supports associating multiple public keys with a user account.
  • Enhanced file sharing
    Serv-U now supports creating anonymous file shares, searching in file shares, setting file sharing options on the administrative level, sharing files larger than 2GB, and sharing files that are already on the server.
  • Updated New Domain Wizard
    The wizard is graphically enhanced, and contains an extra step to assist in the configuration of a file sharing domain.
  • Redesigned and enhanced FTP Voyager JV and Management Console landing page and navigation controls
    The Management Console landing page displays useful statistics immediately after login, and navigation among menu items is quicker and easier. The Management Console also informs administrators of the status of their software maintenance.
  • Custom branding for the guest user UI
    It is now possible to define custom logos to be displayed in File Sharing and the Web Client.
  • In product notifications about new versions
    The availability of a new version is displayed for administrators in the Management Console.
  • Enhanced email notification of file shares
    The "File uploaded to share" and the "File downloaded from share" email notifications now contain a link to the FileShare details page.
  • Enhanced Web Client Pro launching indication
    Web Client Pro now indicates the process of launching directly in the Java applet.
  • Improved LDAP authentication process
    The LDAP authentication process is compatible with more LDAP servers and configurations, and it is possible to specify the connection account information for LDAP servers.
  • Enhancements in setting up the user interface
    The Web Client can now be disabled.
  • Updated file share details page
    Users can save a new password for a file share, and the page also includes pagination controls for the file download history.
  • Updated Serv-U Tray About box
    The box now uses a single Close button instead of the dual OK/Cancel button.
  • Changed location for pid and memory files on Linux
    The pid is now stored in /var/run, and the memory-mapped file is stored in /var/tmp instead of /tmp.
  • Enhanced logging
    The additional logging helps diagnose user authentication issues, including targeted LDAP error information, and issues with accessing a user account's home directory.
  • New option for setting up password autocompletion
    It is possible to configure whether password autocompletion is allowed on the Serv-U login screen.
  • What's New resource
    The resource displays the new features contained in major releases of Serv-U.
  • Enhanced File Sharing client
    The paging mechanism of the View All pages within the client has been improved.
  • Improved Web Client access for guest users
    Guest users can access the main Web Client login screen by removing the share token from the URL.
  • Improved logic of the Guest Email Address(es) field in the File Sharing wizards
    It is possible to paste a string into the field, and all valid email addresses are extracted from it.
  • Enhanced menus in the Web Client
    The dynamic right-click menus in the Web Client are updated to a newer look and feel.
  • Improved HTTP response header settings
    It is possible to remove the Serv-U version information from HTTP response headers.

Fixed Issues

Issue Case Number
Serv-U responded to regular HTTP requests on an HTTPS listener if it could not load the certificate or the private keys configured for use with SSL.

 

455821
The Management Console was loading slowly after an upgrade.

 

467002
Fixes to potential security issues. 463452

 

The custom logo was not displayed correctly in the Web Client and the File Sharing user interfaces.

 

527765, 519715, 509478
A global user could access the File Sharing interface even if it was disabled on the domain level.

 

513921

It was possible to directly navigate to a Serv-U directory without logging in. However, users were not allowed to perform any actions on the page since they were not logged in. Serv-U now redirects users to the login page when they try to access a directory without authentication.

516215
The Default Web Client interface was not working if the other client interfaces were disabled.

 

552775, 519582
404 error occurred on Linux systems when a group admin user logged in to the Web Client and used the Jump to menu to return to the Management Console.

 

512681
Creating a limit to allow users to change password at the Group level caused display issues with the group's password limits.

 

506812
Guest users could not upload or download files from virtual domains.

 

515528, 524288
When clicking View All Requested in the File Sharing client, the pages were only partially displayed.

 

525992
Transparency did not work with custom logos on Linux.

 

-
Error during file upload when the upload directory was read-only.

 

599824
Connections from internal IP addresses could receive a PASV IP address in use by the Serv-U gateway when a permanent PASV port range was assigned to Serv-U.

 

583129, 580145
The case sensitivity of the LDAP login ID caused file share queries to fail.

 

578778
The Web Client was loading slowly over HTTPS.

 

533297
For users authenticating through Windows Authentication, the Organizational Units (OUs) were not retrieved, unless the full UPN was used during login.

 

-
When the Block "FTP_bounce" attacks option was turned on, PASV mode data connections through a gateway were broken.

 

543244
Javascript error in the Spanish version of Serv-U.

 

585983
When the internet connection was interrupted during a file upload to the file share, the partially uploaded, corrupted files were not deleted automatically.

 

-
OU membership was not parsed for an LDAP user, unless that user also belonged to at least one security group.

 

-
Browsing to select the file share repository folder did not insert the full path if the folder was selected without navigating into it.

 

-
For users authenticating through Windows Authentication, it might not be possible to use the file sharing feature without the server administrator granting domain users access to the file sharing repository on the system.

 

513264, 543426
SSH key files were migrated incorrectly from an Oracle database.

 

-
Email addresses failed to be imported from an Oracle database.

 

-
Database columns were generated incorrectly when an Oracle database was used.

 

-
Fixes to the following Linux issues:

 

  • Serv-U did not load the LibGD properly on distributions using version 3 of the LibGD package. Serv-U now attempts to load the latest package using a symbolic link which is present on most distributions.
  • Linux installer bug where Serv-U and Serv-U Gateway services were not removed during an uninstallation.
  • Linux installer bug where the console mode install of Serv-U Gateway did not respect the user's choices regarding installing as a service and running the Gateway after installation.
  • System variable parameters are passed incorrectly to external applications.
  • When an "Execute Command" event was triggered, defunct processes were left behind.
  • An issue introduced in version 12.0.0.2, where Serv-U did not release the socket for connections coming from a banned IP address. This caused Serv-U to stop functioning properly when it reached the maximum number of open file descriptors allowed by the operating system.

 

504147, 601820, 598159, 568919
Fixes to the following potential security issues:

 

  • Cookies delivered over HTTPS before the user logs in were not marked with the "secure" attribute. These cookies do not contain confidential data but could cause warnings in security scanning software.
  • Serv-U did not set the "no-store" property in the Cache-Control of HTTP response headers for files that should not be cached.
  • Serv-U could reveal valid login IDs using the HTTP password recovery feature that reported a distinct error message when an invalid login ID was supplied.
  • Certain cookies could be susceptible to XSS/HTML injections. These cookies did not contain confidential data but could cause warnings in security scanning software.
  • Certain HTTP request parameters could be susceptible to XSS/HTML injections. These vulnerabilities were found using security scanning software.

 

-
When Internet Explorer was used, the SMTP notification text was running over onto the boundary of the File Sharing Settings area in the File Sharing tab of the Limits and Settings page.

 

-
The FTP Voyager JV launch page showed Google Chrome instructions on an Opera 15+ browser.

 

-
Fixes to Web Client user interface issues.

 

-
Fixes to the following Mobile Web Client issues:

 

  • The Logout button caused the browser to enter into a recursive redirect state.
  • The copyright information was not displayed correctly.

 

-
Fixes to the following Web Client Pro issues:

 

  • Dialogs were pushed behind the browser window on Mac OSX operating systems.
  • A bug introduced with JRE1.7_45, where a JRE security prompt was displayed regarding javascript-to-java calls.

 

-
The SMTP confirmation prompt appeared behind the successful creation prompt of an incoming file share.

 

-

Legal

Copyright © 1995-2014 SolarWinds Worldwide, LLC. All rights reserved worldwide.

No part of this document may be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the written consent of SolarWinds. All right, title, and interest in and to the software and documentation are and shall remain the exclusive property of SolarWinds and its respective licensors.

SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON SOFTWARE AND DOCUMENTATION FURNISHED HEREUNDER INCLUDING WITHOUT LIMITATION THE WARRANTIES OF DESIGN, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

The SOLARWINDS, the SOLARWINDS & Design, DAMEWARE, ORION, and other SolarWinds marks, identified on the SolarWinds website, as updated from SolarWinds from time to time and incorporated herein, are registered with the U.S. Patent and Trademark Office and may be registered or pending registration in other countries. All other SolarWinds trademarks may be common law marks or registered or pending registration in the United States or in other countries. All other trademarks or registered trademarks contained and/or mentioned herein are used for identification purposes only and may be trademarks or registered trademarks of their respective companies. Microsoft®, Windows®, and SQL Server® are registered trademarks of Microsoft Corporation in the United States and/or other countries.

Last modified
02:37, 23 Jun 2016

Tags

Classifications

Public