We are announcing the latest release of SFTPPlus version 4.6.0.

New Features

  • You can now configure a file-dispatcher event handler to retry the processing of a file. [#5302]
  • The generic Linux package has been re-based on glibc version 2.5 to cover older distributions, including (but not limited to) Red Hat Enterprise Linux 5.11. [#5453]
  • You can now start the SysV init script and the OpenRC service file in debug mode using the "debug" option. [#5474]
  • Running multiple concurrent SFTPPlus instances from the same installation path is now documented for all Linux init systems. A simplified SysV init script for running multiple concurrent instances from the same installation path has been added and documented. [#5477]
  • You can now convert SSL files from PFX / P12 files to PEM format using the web management GUI. [#5489]

Defect Fixes

  • An internal error is no longer generated when the FTP command channels times out before the command channel. [server-side][ftp] [#5467-1]
  • The ProxyProtocol v2 support now works with FTPS explicit and implicit protocols. In the previous version, the Proxy Protocol was only supported for FTP. [server-side][ftp] [#5467-2]
  • A transfer no longer fails when the source detects a path with multiple operations on the same node id. [#5468-1]
  • An internal error is no longer generated when starting an FTP service without allowing any authentication credential type. [ftp][ftps][server-side] [#5476-1]
  • An internal error is no longer generated when starting an FTP service without a password-based authentication type. [ftp][server-side] [#5476-2]
  • When failing to allocate a new passive port, the error message now contains the error details provided by the operating system. [ftp][ftps][server-side] [#5476]
  • When failing to read the configuration file at startup, an error is now visible. [#5479]
  • A security issue was fixed where SFTPPlus was not checking if the remote peer has a copy of the private key when using the HTTP authentication method together with SSH key authentication. This security issue only affects SSH key authentication when using the external HTTP authentication method. This does not affect the SSH key authentication when using the embedded SFTPPlus credentails validation. [server-side][sftp][scp][security] [#5480]
  • Local Manager's user interface for the OS authentication method was updated to inform that all OS accounts are denied access when no OS group is configured. [server-side] [#5483]
  • An internal error is no longer raised when trying to directly access the HTTP service login URL while already authenticated. [server-side][http][https] [#5487]

Deprecations and Removals

  • Event with ID 50012 emitted by the Local Manager web interface was removed. It was replaced by the generic event with ID 50003, which is raised when failing to apply a configuration change request. [local-manager] [#5476-1]
  • Event with ID 20041 was removed as it is now redundant and never emitted. [server-side] [#5476-2]
  • The events with ID 10017 and 10018, emitted by the FTP service for an invalid configuration, were removed and replaced by the generic event ID 20158 emitted when a service fails to start. [ftp][ftps][server-side] [#5476]
  • Events with ID 30069 and 30070 were removed and replaced with the event ID 30007 which is emitted for any error occured during the SSH authentication protocol. [server-side][sftp][scp] [#5480]
  • Event with ID 50024 was removed and was replaced by ID 50023, which is emitted when an administrator request fails via the web based GUI. [#5489]

You can check the full release notes here.