New Release Available: Version 13.2

Hello from the Cerberus team!

We're pleased to announce our latest release: Cerberus FTP Server 13.2. This latest edition incorporates a number of fixes, updates to features, and new features. 

New Features and Improvements:

Version 13.2 includes the following additions, fixes and improvements:

• New: Added One-Time Password option to public shares
• New: SAML SSO now supports Okta identity provider
• New: Upgraded OpenSSL to 3.0.12
• New: Upgraded cURL to 8.4.0
• New: Upgraded Bootstrap to 5.3.1 version for Web Client Login Page
• Known Issue: Customized Themes other than Default Theme won’t be applied to client login page
• Improved: skipping invalid too long password hashing to help prevent DOS
• Improved: public share reporting with a PostgreSQL database provides the same information as other DBs
• Improved: Zip actions are better reflected in the File Report, with additional information when objects are added to archives
• Improved: In Event Manager conditions, clarify if a rule has an implicit OR; allow using a comma without interpreting as an OR
• Improved: In Server Manager: Security, the TLS and SSH Verify routines have been separated allowing verifying a specific section
• Improved: User passwords will now be automatically upgraded to selected Password Storage and system iterations during login
• Improved: Admin passwords will be automatically re-hashed to the strongest hash and iterations supported during login
• Improved: Public shares now have a right click download and zip options
• Improved: New native users and groups may not start/end with whitespace
• Improved: On initial install, Cerberus now enables stronger default security settings
• Improved: Improved security warnings, summary page now warns on more insecure settings
• Improved: When SSH Security Defaults are reset, algorithms with warnings will not be enabled
• Improved: In Stats, added share link to email list when creating an emailed share
• Fixed: Account request submission messages updated
• Fixed: Account requests cannot be done with non-matching password and password confirm
• Fixed: File, Login and Audit Reports now use the locale when formatting the reports date range
• Fixed: Ensure that the system setting for password iterations is always valid
• Fixed: Allow clearing username/password in SMTP Event Target
• Fixed: PasswordType::Plain passwords set by SOAP API are now always hashed before serialization
• Fixed: Changing SMTP Settings no longer requires a service restart
• Fixed: Moved uisettings.xml to a per user file to tighten permissions and allow per Administrator customizations when system has non-default permissions
• Fixed: Web Client context menu actions now disabled when the user is not allowed to perform them
• Fixed: ‘Allow FTP Renames to Overwrite Existing Files’ now works as expected
• Fixed: Renamed SSO configurations from “Azure AD” to “Entra ID”