Current Serv-U FTP Server Release Notes

The Best for Less
Secure file transfer & share files
from anywhere - affordably

BUY NOW
FREE for 30 Days
Full featured trial with secure
FTP, file sharing & web transfer

DOWNLOAD FREE TRIAL

Serv-U FTP Server Release Notes

Major Serv-U FTP server changes are also summarized on our Recent Features page. To update your software or start your FTP server evaluation, visit our Download page.

Choose Version:

Serv-U Version 15.1.0.480

Serv-U 15.1.0.480 was released June 3, 2014. A complete list of changes and upgrades follows:

Features:
  • Added automated file management: Serv-U can be set up to automatically delete or archive files within specified folders after a configurable number of days.
  • Added support for associating multiple public SSH/SFTP keys with a user account for the purposes of public authentication.
  • Added the ability to create "anonymous" file shares, search in file shares, set file sharing options on the administrative level, share files larger than 2 GB, and share files that are already on the server.
  • Graphically enhanced New Domain Wizard, containing an extra step to assist in the configuration of a file sharing domain.
  • Redesigned FTP Voyager JV and Management Console landing page and navigation controls. The Management Console landing page displays useful statistics immediately after login, and navigation among menu items is quicker and easier. The Management Console also informs administrators of the status of their software maintenance.
  • Introduced custom branding for the guest user UI. It is now possible to define custom logos to be displayed in File Sharing and the Web Client.
  • In product notifications about new versions. The availability of a new version is displayed for administrators in the Management Console.
  • Added a link to the "File uploaded to share" and "File downloaded from share" email notifications that takes users to the FileShare details page.
  • Enhanced Web Client Pro launching indication. Web Client Pro indicates the process of launching directly in the Java applet.
  • Improved LDAP authentication process to be compatible with more LDAP servers and configurations. It is now also possible to specify the connection account information for LDAP servers.
  • Enhancements in setting up the user interface. The Web Client can now be disabled.
  • Updated the file share details page to allow users to save a new password for a file share. The page now also includes pagination controls for the file download history.
  • Updated the Serv-U Tray About box to use a single "Close" button instead of the dual "OK/Cancel" buttons.
  • Changed the location for pid and memory files on Linux. The pid is now stored in /var/run, and the memory-mapped file is stored in /var/tmp instead of /tmp.
  • Added additional logging to help diagnose user authentication issues, including targeted LDAP error information, and issues with accessing a user account's home directory.
  • Added an option for configuring whether password autocompletion is allowed on the Serv-U login screen.
  • Added a "What's New" resource that displays new features contained in major releases of Serv-U.
  • Improved the paging mechanism of the "View All" pages within the File Sharing client.
  • Guest users can now access the main Web Client login screen by removing the share token from the URL.
  • Improved the logic of the "Guest Email Address(es)" field located within the File Sharing wizards. It is possible to paste a string into the field, and all valid email addresses are extracted from it.
  • Updated the Web Client's dynamic right-click menus to a newer look and feel.
  • Added the ability to remove Serv-U version information from HTTP response headers.
Bug Fixes:
  • Corrected a potential security issue where Serv-U would respond to regular HTTP requests on an HTTPS listener if it could not load the certificate or private keys configured for use with SSL.
  • Corrected an issue where the Management Console was loading slowly after an upgrade.
  • Corrected a number of potential security issues.
  • Corrected an issue where the custom logo was not displayed correctly in the Web Client and the File Sharing user interfaces.
  • Corrected an issue where a global user could access the File Sharing interface even if it is disabled on the domain level.
  • Corrected an issue where it was possible to directly navigate to a Serv-U directory without logging in. However, users were not allowed to perform any actions on the page since they were not logged in. Serv-U now redirects users to the login page when they try to access a directory without authentication.
  • Corrected an issue where the Default Web Client interface was not working if the other client interfaces were disabled.
  • Corrected an issue where a 404 error occurred on Linux systems when a group admin user logged in to the Web Client and used the Jump to menu to return to the Management Console.
  • Corrected an issue where creating a limit to allow users to change password at the Group level caused display issues with the group's password limits.
  • Corrected an issue where guest users could not upload or download files from virtual domains.
  • Corrected an issue in the File Sharing client where the pages were only partially displayed when the View All Requested button was clicked.
  • Corrected an issue where transparency did not work with custom logos on Linux.
  • Corrected an issue where an error occurred during file upload when the upload directory was read-only.
  • Corrected a Linux issue where default processes were left behind when an "Execute Command" event was triggered.
  • Corrected a Linux issue where system variable parameters were passed incorrectly to external applications.
  • Corrected a Linux issue introduced in version 12.0.0.2, where Serv-U did not release the socket for connections coming from a banned IP address. This caused Serv-U to stop functioning properly when it reached the maximum number of open file descriptors allowed by the operating system.
  • Corrected an issue where connections from internal IP addresses could receive a PASV IP address in use by the Serv-U gateway when a permanent PASV port range was assigned to Serv-U.
  • Corrected an issue where the case sensitivity of the LDAP login ID caused file share queries to fail.
  • Corrected an issue where the Web Client was loading slowly over HTTPS.
  • Corrected an issue where for users authenticating through Windows Authentication the Organizational Units (OUs) were not retrieved, unless the full UPN was used during login.
  • Corrected a Gateway bug where PASV mode data connections through a gateway were broken when the "Block FTP_Bounce attacks" option was turned on.
  • Corrected a Javascript error in the Spanish version of Serv-U.
  • Corrected an issue where the partially uploaded, corrupted files were not deleted automatically when the internet connection was interrupted during a file upload to the file share.
  • Corrected an LDAP issue where the OU membership was not parsed for an LDAP user, unless that user also belonged to at least one security group.
  • Corrected an issue where browsing to select the file share repository folder did not insert the full path if the folder was selected without navigating into it.
  • Corrected an issue where for users authenticating through Windows Authentication, it might not have been possible to use the file sharing feature without the server administrator granting domain users access to the file sharing repository on the system.
  • Corrected a Linux issue where Serv-U did not load the LibGD properly on distributions using version 3 of the LibGD package. Serv-U now attempts to load the latest package using a symbolic link which is present on most distributions.
  • Corrected a Linux installer issue where Serv-U and Serv-U Gateway services were not removed during an uninstallation.
  • Corrected a Linux installer issue where the console mode install of Serv-U Gateway did not respect the user's choices regarding installing as a service and running the Gateway after installation.
  • Corrected a potential security issue where cookies delivered over HTTPS before the user logs in were not marked with the "secure" attribute. These cookies did not contain confidential data, but could cause warnings in security scanning software.
  • Corrected a potential security issue where Serv-U did not set the "no-store" property in the Cache-Control of HTTP response headers for files that should not be cached.
  • Corrected a potential security issue where Serv-U could reveal valid login IDs using the HTTP password recovery feature that reported a distinct error message when an invalid login ID was supplied.
  • Corrected a potential security issue where certain cookies could be susceptible to XSS/HTML injections. These cookies did not contain confidential data but could cause warnings in security scanning software.
  • Corrected a potential security issue where certain HTTP request parameters could be susceptible to XSS/HTML injections. These vulnerabilities were found using security scanning software.
  • Corrected an issue where the SMTP notification text was running over the boundary of the File Sharing Settings area in the File Sharing tab of the Limits and Settings page when Internet Explorer was used.
  • Corrected an FTP Voyager JV issue where the launch page showed Google Chrome instructions on an Opera15+ browser.
  • Corrected a number of Web Client user interface issues.
  • Corrected a Mobile Web Client issue where the Logout button caused the browser to enter into a recursive redirect state.
  • Corrected a Mobile Web Client issue where the copyright information was not displayed correctly.
  • Corrected a Web Client Pro issue where dialogs were pushed behind the browser window on Mac OSX operating systems.
  • Corrected a Web Client Pro issue introduced with JRE1.7_45, where a JRE security prompt was displayed regarding javascript-to-java calls.
  • Corrected a File Sharing issue where the SMTP confirmation prompt appeared behind the successful creation prompt of an incoming file share.

Serv-U Version 15.0.1.20

Serv-U 15.0.1.20 was released February 19, 2014. A complete list of changes and upgrades follows:

Features:
  • Added a dialog that informs Web Client Pro users about the options they have if they use JVMs older than version 7u51.
  • Improved support for Internet Explorer.
Bug Fixes:
  • Corrected a bug when wildcards were not working correctly on Linux while doing a directory listing in FTP.
  • Corrected a bug where SDK did not integrate calls from other threads into the application.
  • Corrected a bug where file sharing did not work correctly on 32-bit Linux systems.
  • Corrected a bug where the HTTP limits were not displayed while configuring limits at the group and user levels.
  • Corrected a bug where SFTP key renegotiation failed when zlib compression was used.
  • Corrected a bug where the setting that allows users to change their password did not work correctly.
  • Corrected a bug where the auto-disabling database users were continuously expired during displaying ODBC users in Management console.
  • Corrected a security issue that allowed for a Denial of Service attack, which could make Serv-U unresponsive.
  • Corrected a Web Client Pro and FTP voyager JV issue where these Java applications would fail to launch correctly when the Oracle Java Runtime was updated to Java 7 Update 51.
  • Corrected an issue where HTTPS connections may fail to close after all data has been transferred. Affected installs of Serv-U would demonstrate degraded Management Console performance or errors. This most commonly occurred on Linux deployments with a single core processor.
  • Corrected an SFTP (via SSH2) bug, introduced in Serv-U 10.2.0.0, where each connected session caused Serv-U to consume an excessive amount of memory until the session was disconnected.
  • Corrected a Web Client bug where users configured with FTP Voyager JV as their default web client did not see the FTP Voyager JV landing page when accessing Serv-U from a new browser window when the browser still had an active session cached.

Serv-U Version 15.0.0.0

Serv-U 15.0.0.0 was released August 20, 2013. A complete list of changes and upgrades follows:

Note: File Sharing is not supported within high availability environments.

Features:
  • Improved File Sharing feature that utilizes email initiated transfer of files.
  • Improved Web Client user interface.
  • Rebranded the company information from RhinoSoft to SolarWinds for Serv-U, Serv-U Gateway, FTP Voyager JV, and Web Client Pro.
  • Changed licensing information from RhinoSoft editions (Bronze, Silver, Gold, and Platinum editions) to SolarWinds editions (FTP server and MFT server editions).
  • Updated the FTP Voyager JV JIDE user interface library to version 3.5.5.
  • The full version number is now displayed in the version column of the "Programs and Features" / "Add/Remove Programs"screen on Windows.
  • Updated version number displayed during install to include more of the minor version.
Bug Fixes:
  • Corrected a security issue that allowed for possible SSL denial of service attacks.
  • Corrected a security issue when using "Require Fully Qualified Membership" LDAP login settings.
  • Corrected an issue with scrollbars missing in Mozilla Firefox browsers in the Management Console.
  • Corrected an issue with "User Login Failure" events when using SFTP Client Key Authentication.
  • Corrected an issue with the Serv-U Linux uninstall option not working.
  • Corrected a Web Client Pro issue after updating to Java 7 Update 21, making WCP unusable.
  • Corrected an FTP Voyager JV bug where the JIDE user interface library would fail to load on Macintosh operating systems.
  • Corrected an FTP Voyager JV bug where a large file could fail to upload when a slow speed limit is set within Serv-U. End-users can now manually set the duration of when the client-side timeout should occur.
  • Corrected an FTP Voyager JV bug where a local directory listing could take a long time to process due to UNC paths being specified as targets to Windows shortcuts (.lnk) files.
  • Corrected a Linux bug where the uninstall desktop shortcut used by certain desktop environments failed to work properly.
  • Corrected a Web Client Pro bug where the web page would fail to communicate with the applet when the Java Runtime was updated to Java 7 Update 21 or Java 6 Update 45.
  • Corrected an LDAP bug where users could not login using SFTP (via SSH2).
  • Corrected a Web Client bug where the "Recover Password" button was displayed along with the notice about JavaScript being disabled in the browser.
  • Corrected a Web Client bug where the link provided to login when attempting to access a restricted page prior to logging in was broken.

Login to Customer Service Center

Please enter your e-mail address and password in the fields below.

Email Address:

Password: