Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Section


Column
width65%
  • Release Date: May 2024
  • Build Number: 21.0.100
  • Type: Service Pack Release


Info

This release contains major security fixes, please upgrade your server as soon as possible. 

Upgrade Information

  • Please read this complete Release Notes and instructions before upgrading.
  • Please follow the regular upgrade documentation for Windows or Linux
  • Upgrading any previous version higher or equal to version 16.0.100
  • Cluster: Running different versions on the servers in the cluster is supported but limited to version >= 16.0.100
  • (info) Please renew the D2D certificate manually in the server preferences under "Network"
  • Please update the NGINX site configuration due to security fixes from server version 21 FINAL, no changes are requires in the Apache2:
location / {  
.....

proxy_set_header X-Forwarded-Host $host;

proxy_set_header X-Forwarded-For $remote_addr;
}

For more infos please visit our guide: Reverse Proxy Setup Guide#PassHostnameoftheUpstreamwhenReverseproxying

Downgrade Information (optional)

  • In case a downgrade to a previous version is necessary:
    • For a downgrade, you have to review our downgrade documentation.
    • Simply replace the PowerFolder-Server.jar file with that from the previous version you would like to run.
  • Log messages due to the higher schema version of database can be ignored:
    • [DatabaseMigrator]: Database layout version is newer than expected.

HTTPS Server-Client-Tunnel using Web Sockets 

The clients can also use the encrypted web sockets same as our iOS app, please use the following web proxy guide to enable the web sockets: WebSockets for iOS and Desktop Client#EnablingWebSocketsforClient

 Enabling Clients to use the Web Sockets

 Add the following config. to the Default.config (server) or PowerFolder.config (client) when the clients should use the web sockets, precondition the web sockets should be enabled on your server:

Code Block
connections.websocket=true


Transfer of Security Information of SAML

Change SAML/Shibboleth attribute prefix to SAML (from HTTP_) in shibboleth2.xml and Apache config.

This change is not backward compatible due to security reasons! There changes have to be done to correctly support SAML logins

TODO: Adopt Apache config. use prefix “SAML”, instead of “HTTP_”: Apache configuration

Document Editing using WebDAV

After MS security updates 2023 the editing of documents using WebDAV is not possible, please use the following file to update the settings:

View file
namePowerFolder_webDAV_fix_for _MSoffice.reg
height250

More infos under: WebDAV known issues in Windows

API Call to restore folder from BACKUP_REMOVE

You can now use the API call to restore one or all folders from system recycle bin:

Changes

Changelog

  • Jira Legacy
    serverSystem Jira
    serverId5897cab3-f6a0-3e40-b549-209e22c2da93
    keyPFS-4349
  • Image AddedPFS-4348 - Disable mails on quota overuse of folder owner
  • Image AddedPFS-4330 - A1.3 Security fix




  • Release Date: May 2024
  • Build Number: 21.0.100
  • Type: Service Pack Release

Changelog

  • PFS-4124 - Document editing: Fix WebDAV access with .reg file
  • PFC-3412 - M1.1: Provide HTTPS server-client-tunnel 
  • PFC-3414 - H1.1: Replace ECB encryption with web socket SSL connections 
  • PFS-4183 - Reverse proxy should disconnect from target server when initial requests fails/stops 
  • PFS-3793 - Change transfer of security information of SAML 
  • PFS-4300 - Web tests for all files functions 
  • PFS-4322 - Failed to update devices on account delete when running parallel Image RemovedPFS-4348 - Disable mails on quota overuse of folder owner
  • PFS-4338 - API Call to restore folder from system recycle bin (BACKUP_REMOVE) 
  • PFS-4346 - Increased DDoS protection: throttle HTTP requests 
  • PFS-4327 - M1.2 Security fix
  • PFS-4326 - M1.1 Security fix
  • PFS-4329 - N1.2 Security fix
  • PFS-4333 - N1.3 Security fix
  • PFS-4334 - N1.4 Security fix
  • PFS-4335 - N1.5 Security fixImage RemovedPFS-4330 - A1.3 Security fix
  • PFS-4331 - I1.1 Security fix
  • PFS-4332 - I1.2 Security fix
  • PFS-4336 - I1.3 Security fix


Column


Panel
titleOverview:

Table of Contents
maxLevel3



...