Added menubar title, page title and delete expiration information to user info API.
Fixed a problem where a users group wasn't properly assigned when the default LDAP group
was set to disable login.
Set the default group to the system default group if the current default group is deleted.
Fixed incorrect license count on the status page.
Version 2.4.17 (released 2014-08-01)
Updated to a later version of the SAML2 library.
Set expires after to the max value if the max value is set and user entry blank or 0.
Update last login at and last login ip when logging in using the API.
Better logging of CSRF issues.
Fixed a problem where ClamAV stopped working on EC2 after a recent Amazon update.
Fixed a problem accessing files if AV scans a disabled for local users.
Fixed a problem setting the default LDAP group to login disabled.
Fixed a problem where FileLinks couldn't be deleted.
Fixed older and legacy migration problems.
Version 2.4.16 (released 2014-07-10)
Fixed a problem where email relay configuration could be reset when using multi-domain
Fixed a problem where crafting a special URL could delete FileLinks.
Fixed a CSRF problem where a user could potentially be tricked into changing their
API key and random Filedrop URL.
Fixed a CSRF problem where a user could potentially be tricked into sending a message.
Ensure that the content-disposition header is set when downloading zip archives.
Improved imput validation for user name and email fields.
Version 2.4.15 (released 2014-07-03)
Fixed a problem where old internal database backups wasn't removed properly.
Check if cookies are enabled and warn on the front page if they are not.
Capture cookie related issues and direct users to enable cookies if they are not.
Added user interface permission settings to the user account API call.
Use p tags instead of pre tags in the default validate_email temaplate as there's
been reports of the default email getting caught in spam filters.
Updated the web application framework rails to latest stable release.
Version 2.4.14 (released 2014-06-16)
Fixed a problem removing remote syslog server if configured.
Fixed incorrect user license count in the admin interface when using domains.
Only test certificates for the default domain.
Fixed a problem loading certificates from other domains than the default domain.
Version 2.4.13 (released 2014-06-06)
Restart all components that's loading OpenSSL after the recent OpenSSL vulnerability.
Disable the login button on submit, preventing doubleclicking on the login button.
Fixed a problem with URL encoding for FileLinks.
Fixed a problem downloading beta releases.
Version 2.4.12 (released 2014-05-23)
Enabled having external and sending disabled enabled at the same time.
Show Message ID or FileLink in the Download log expanded view.
Version 2.4.11 (released 2014-05-19)
Updated email authentication pages for legacy browsers and added client side validations.
Added LDAP server Base DN detection (for new servers) and syntax checker.
Warn if Sysadmins are authenticated via LDAP.
Fixed a SSL connection problem when using the domains feature.
Fixed a file system location issue when using the domains feature.
Updated Rails version (fix for potential security issue).
Version 2.4.10 (released 2014-05-01)
New Feature: Password Expirations, configurable on a per group basis.
Added Certificate Validity Checking and displaying of the Certificate Chain.
Changed the Certificate Chain to a separate text field in Admin → Certificate → Upload.
Increased the Strict Transport Security policy to 1 year, in line with current
Version 2.4.9 (released 2014-04-28)
Allow backspace in the backup username for SMB backups.
Fixed a problem with the EC2 installer.
Fixed a problem to Static SSO Logins.
Fixed a problem with LDAP search order when using multiple LDAP servers.
Version 2.4.8 (released 2014-04-22)
Fixed a problem with UTF-8 characters in emails (problem occurred in v2.4.7).
Better handling and error message for CSRF errors.
Updated client side validation for network range configurations, backup configuration
and group configuration.
Updated server side validations.
Fixed a problem with migrating from legacy systems.
Version 2.4.7 (released 2014-04-15)
Restart LiquidFiles daemons to ensure they load versions of OpenSSL that are not
vulnerable to Heartbleed. Please note that any LiquidFiles system updated after the
8th of April has installed a non-vulnerable version of OpenSSL, but the system needed
to be rebooted. This update restarts the functions without the need to reboot.
Enabled a function to generate a new certificate private key from the web interface.
Set the top margin based on the size of the menubar, for custom logos that are much
larger than the menubar and caused the logout button to be hidden.
Added beta updates functionality.
Better validation of the email and backup configuration.
Updated LDAP character validation for the LDAP admin pages.
Fixed a couple of problems with the domains feature.
Fixed a problem uploading support requests.
Version 2.4.6 (released 2014-04-01)
Prevent Secure Messages from being selected if the group's only available download
permission is that Anyone can download, which doesn't make sense for a Secure Message.
Fixed a problem with updates which sometimes caused Messages and Download log to not be visible.
Fixed a problem with email validation if the recipient enters mixed case emails.
Updated delete message function in the admin section to use Ajax and not cause the
interface to reload so sort options are preserved.
Fixed a problem creating a new admin group.
Fixed a problem displaying FileLinks with non-standard file extensions.
Permit dollar sign ($) in the Windows Share/SMB share name, enabling hidden Windows shares.
Added Disk Space warning email if usage is above 90%.
Fixed a problem that caused the FileLink email authentication window to not load
Version 2.4.5 (released 2014-03-17)
Remove progress bar placeholder for File Requests.
Fixes for quota calculations and display.
Updated login logging.
Added Filedrop API/XML delivered status message.
Fixes for migration from legacy Filetransfer appliance.
Remove HTML comments from messages.
Updated email token verification authentication.
Added Filelink and Filelink email URL to CSV user exports.
Fixed a problem with the nightly maintenance script that caused expired files to not
be deleted as expected (since v2.4.0).
Version 2.4.4 (released 2014-03-11)
Fixed a problem that would sometimes prevent downloads from working properly.
Fixed a problem authenticating FileLinks with Internet Explorer 8 and below.
Version 2.4.3 (released 2014-03-10)
Fixed a problem with filenames for backups with Windows Share (SMB) backups.
Removed System and Auth log view from the Admin → System Log. These logs had
nothing to do with the LiquidFiles application and could in same cases generete a lot
of logs. Please use an external Syslog system or log into the console if you need to
view these logs.
Added authenticating to Filelinks with the authentication token instead of the link in the email.
Fixed a problem authenticating with authentication tokens when the system requires
users to create accounts.
Added FileLink and Secure Message documentation to the Help menu.
Removed admin groups from the possible default groups in Admin → Groups.
Fixed a problem updating default groups when no LDAP configuration was present.
Version 2.4.2 (released 2014-03-05)
Fixed a problem with server side password validation.
Fixed a problem where empty attachments was sometimes added.
Updated the display of HTML messages.
Updated email validation.
Fixed a problem where Secure Message wouldn't be allowed to send without an attachment.
Relaxed email address validation to allow for new TLD's such as .museum.
In the FileLink window, list the FileLink URL if there's no Flash installed (or Flash
too old) that can run the "Copy to Clipboard" button.
Version 2.4.1 (released 2014-02-26)
Fixed a problem displaying some messages on the message list.
Fixed a problem where some Filedrop users wasn't recognised properly.
Version 2.4.0 (released 2014-02-25)
New Feature: FileLink - quick direct links to files without sending messages.
New Feature: HTML editor to messages and Filedrops.
New Feature: Secure Messages - sending messages without the message being copied in the
email and get confirmation when someone views the message as well as downloads the files.
New Feature: Quota Support - having the ability to limit the number of Megabytes a user,
group or domain can store on the system.
New Feature: Multi-Tenancy/Multi-Domain - LiquidFiles now supports running multiple
URLs/Domains on a single instance, each domain with it's own URL, Certificate, Branding,
Users, Groups, Messages, ...
Backup option to only backup configuration.
Backup option to backup to a Windows File Share (SMB protocol).