Changelogs

• [#312061]: Add an option to use a custom documentation link for users
• [#312038]: Fix sending invalid notifications for file deletion in a DataRoom
• [#311266]: Implement JWT based external authentication via HTTP headers
• [#293136]: Update to ruby 3.2 for performance and security improvements

• [#310142]: Update backend libraries for security (ruby on rails)
• [#303305]: Update nginx to latest stable 1.26 version

• [#310518]: Implement support for multiple content scanners
• [#308025]: Improve generic input validation for security

• [#310434]: Fix CargoLink widget file list
• [#309696]: Fix typo in end-to-end-encryption feature
• [#308848]: Improve security of translation templates
• [#308026]: Fix potential user emails leaking via shares API

• [#309523]: Implement TLS for ICAP integration
• [#305446]: Update backend libraries for security (ruby on rails)
• [#264477]: Implement end-to-end encrypted CargoLinks with a zero trust approach

• [#308419]: Fix regression in the user filter in the transfers list for administrators
• [#308100]: Implement a feature to combine file download notifications
• [#308024]: Fix a pontential XSS vulnerability in the directories management for administrators
• [#308023]: Fix a potential OTP bypass vulnerability
• [#308022]: Improve access control on team member management
• [#305445]: Update backend libraries for security (ruby on rails)

• [#308096]: Add restrictions to refuse files with a leading “.” in the file manager
• [#305656]: Fix user filter in the transfers list
• [#302470]: Fix deprecation warnings in frontend and backend
• [#295870]: Implement regular cleanup of expired access tokens
• [#292732]: Fix force logout of a user as administrator

• [#303858]: Remove legacy WebDAV support
• [#303140]: Update backend libraries for security (rexml)
• [#279095]: Implement a proxy for ESET activation and pattern updates

• [#304848]: Fix the cleanup of temporary uploaded files
• [#304642]: Remove the journal page for group administrators
• [#304310]: Fix a contact search issue in the CargoLink wizard
• [#298215]: Implement security monitoring for our default SFTP settings
• [#286428]: Implement PostgreSQL 16 compatibility and migration task

• [#303478]: Fix pruning storage background job issue
• [#292184]: Update proftpd to the latest version

• [#302145]: Fix browser freeze after CargoLink is created
• [#298112]: Update backend libraries for security (ruby on rails)

• [#301864]: Fix german translation in the CargoLink wizard for the expiration date
• [#301365]: Fix charts in the admin dashboard when no data is available
• [#301171]: Fix a timeout in the file manager related to DataRooms
• [#298111]: Update backend libraries for security (ruby on rails)

• [#299549]: Fix temporary disk space usage of the ESET AV scanner
• [#299376]: Fix timeout behaviour for the ICAP client when scanning multiple files
• [#297931]: Add upload restrictions to refuse files with a leading “.”

• [#298258]: Update integrated ESET AV to the latest software version
• [#297350]: Update library for charts and diagrams
• [#295875]: Implement an overview page for asynchronous content scans

• [#297068]: Improve security of the session when changing roles
• [#297065]: Fix pending invitations for deleted shares
• [#297064]: Improve security of 2FA code verification
• [#297060]: Improve security of audit logs view
• [#294801]: Fix missing logs association to DataRooms
• [#290961]: Improve security of SFTP default settings
• [#275793]: Improve performance of shares management

• [#297066]: Improve security of 2FA key generation
• [#297063]: Improve security of users search API
• [#297058]: Fix potential directory traversal in custom share path
• [#297055]: Improve security by removing session id information for user
• [#296860]: Improve disk usage report by users
• [#296628]: Fix checkboxes in the FolderAction edit view
• [#296080]: Fix invalid tooltip for “Become user” action
• [#288505]: Upgrade to Rails 7.1 for performance and security improvements

• [#295487]: Add a new action to the “New” button to upload files and directly share them with a CargoLink
• [#293137]: Update backend libraries for security (ruby on rails from 7.0.8 to 7.0.8.1)

• [#294828]: Add a setting to enable / disable HTTP/2
• [#294362]: Fix background GeoIP database update
• [#293870]: Fix missing translation for CargoLink status

• [#293872]: Fix CargoLink wizard for prepared links created by a folder action
• [#292758]: Fix error notification sending for folder actions
• [#292471]: Fix drag and drop in the upload dialog
• [#292251]: Fix enable/disable upload for single-file CargoLinks

• [#292589]: Fix attributes management for SAML authentication sources
• [#292458]: Fix editing PGP keys in user management
• [#292260]: Fix missing colour in status badges for CargoLinks
• [#291816]: Fix missing lock icons in the file manager
• [#291791]: Fix missing translations for asynchronous content scans

• [#291578]: Fix transfers table in the CargoLink detail view
• [#290171]: Fix asynchronous content scanning when re-uploading files with the same name

• [#290677]: Improve firewall rule persistence
• [#290250]: Fix CargoLink expiration setting
• [#290174]: Fix broken role change
• [#290123]: Fix broken folder action edit (dropdown)
• [#290122]: Fix shared folder information in the file manager

• [#289873]: Fix creating zip files from the object store
• [#289757]: Fix pagination in the user administration

• [#289460]: Fix password reset functionality
• [#289085]: Fix group selection in the recipient input
• [#289005]: Add search hint when selecting files for a CargoLink
• [#288994]: Ensure that only approved locales installed on the system
• [#288977]: Fix confidential message styling

• [#288316]: Fix file upload retry button
• [#287935]: Fix problem with editing a SAML authentication source
• [#287365]: Fix background content scanning for ICAP integration
• [#286916]: Update to ProFTP 1.3.8a for security and stability improvements
• [#280421]: Improve handling a big amount of files in the uploader (>10'000 entries)

• [#286034]: Add http2 support to the web server
• [#283287]: Add automated security scanner for the source code (SAST)
• [#280168]: Fix user list sorting for administrators
• [#275802]: Improve dashboard performance for administrators
• [#275794]: Improve CargoLinks list performance for users

• [#286286]: Fix verifying the maximum lifetime of a CargoLink against the system wide limit
• [#284476]: Improve ZIP download file name
• [#267447]: Fix creating users on the fly when using CargoMail integration
• [#250870]: Improve reverse IP lookup for private addresses

• [#285458]: Fix refresh cache button in CargoLink details view
• [#285341]: Improve sign-in dialog when using Single Sign On
• [#284573]: Fix missing translation for PIN entry in the CargoLink wizard
• [#284572]: Fix scrollbars in quick links on the dashboard
• [#284571]: Fix link to CargoLink approval details view
• [#284530]: Add custom zip generation service to fix memory issues and improve performance
• [#279447]: Update nginx to latest stable 1.24 version

• [#284163]: Fix effective deletion of users when using auto deletion
• [#284115]: Fix missing icons in the CargoLinks list view
• [#283896]: Fix target selection when uploading files via CargoLink
• [#283869]: Fix CargoLink shortcut edit window
• [#283057]: Fix background cleanup tasks for files and CargoLinks
• [#281269]: Disable share creation when the system does not have users yet

• [#279437]: Update to the latest jQuery version

• [#282850]: Fix periodical cleanup service
• [#282849]: Fix CargoLink creation issue for objectstore
• [#280436]: Improve perfomance for CargoLink creation in case of big amount of files
• [#253690]: Upgrade frontend framework to the latest version

• [#281270]: Improve API v1 documentation for user management
• [#280424]: Improve CargoLink creation with a huge amount of files (> 10'000)
• [#280396]: Fix organization management UI
• [#280273]: Improve JSON support in the API v1 for contacts management

• [#280409]: Fix user list navigation for administrators
• [#276324]: Add welcome email to invited users with sign-in information

• [#279253]: Fix quota limit message when trying to upload files to a CargoLink
• [#278015]: Fix storing preferred locale for a contact
• [#277081]: Improve default sorting of CargoLink approval list
• [#277063]: Improve hint text for file selection in the CargoLink wizard
• [#277061]: Fix 2FA label in the user list as administrator
• [#275371]: Improve cluster monitoring to detect split brain situations
• [#252255]: Improve user exporting in CSV format

• [#278014]: Improve PIN brute force attack notification for CargoLinks
• [#276982]: Fix memory issue when creating big zip files for download
• [#276267]: Fix locked, but not processed jobs in the background queue

• [#276009]: Add automatic PIN regeneration for CargoLink recipients
• [#275790]: Improve users list performance for administrators

• [#275879]: Fix potential build time informational leakage
• [#275624]: Improve logging for SAML integration
• [#275461]: Improve CargoLink file upload dialog
• [#272583]: Upgrade to Rails 7 for performance and security improvements
• [#272476]: Add support for bearer token format in API v1
• [#271910]: Improve timeout handling for malware scanning

• [#273339]: Fix checking for pending content scans with file names having special characters in the name
• [#272735]: Fix updating traffic charts when switching months in the administration traffic report page
• [#272600]: Fix uploading files in the file manager with partially invalid shares
• [#272570]: Fix CargoLink shortcut handling when not using tenants
• [#255695]: Fix potential out of space issues for the content scanner
• [#250136]: Improve PDF journal layout when using registered transfers

• [#272244]: Fix layout issue in the file upload wizard
• [#271940]: Add ability to toggle autodelete on existing CargoLinks

• [#270291]: Improve admin users list loading performance
• [#267800]: Improve checksum calculation for the CargoLinks with large files

• [#270146]: Implement direct object store access for the content scanner
• [#269997]: Fix transfer log view errors for deleted users
• [#269084]: Improve local ICAP content scanner monitoring
• [#268481]: Fix shares management of participants after user deletion

• [#269434]: Fix sending email with specific locale settings from the user
• [#267632]: Implement automatic deletion for users managed in external directories
• [#44090]: Fix error when trying to download an empty folder in the file manager

• [#268140]: Fix audit journal display for attribute changes
• [#268126]: Add a feature to restrict sign-in from internal networks only
• [#267980]: Fix adding defaults for authentication sources
• [#267977]: Fix issue with DB archiving not being performed
• [#267833]: Improve sorting and filerting for CargoLink approvals
• [#267759]: Prevent multiple usage of a share invitation token
• [#267758]: Add read / write settings for share invitation to externals
• [#260353]: Fix parallel session usage with different roles for the same user
• [#256261]: Add a feature to integrate a Cargo file upload widget to external websites

• [#267880]: Add user filter to the transfer logs
• [#267787]: Fix file downloads for CargoLink approvers
• [#267757]: Fix account confirmation page layout
• [#267729]: Fix upload links creation when using an object store
• [#267244]: Fix tooltip styling on timestamps
• [#267081]: Fix pre-filling attributes when editing an authentication source
• [#265845]: Update nginx to 1.22 for security and stability improvements
• [#259384]: Trigger a failover if the data store is not available
• [#252254]: Add filtering and sorting to the audit logs

• [#267415]: Fix HMAC API authentication regression
• [#267139]: Allow SHA-256 signed SAML requests
• [#267135]: Prevent creating CargoLink in the file manager for special folders (Incoming and Outgoing)
• [#266892]: Provide packages for Ubuntu 22.04 LTS
• [#266042]: Remove unused feature to inverse navigation colours
• [#265844]: Update to ProFTP 1.3.8 for security and stability improvements
• [#260560]: Allow to enable SecureDrop by default for upload CargoLinks

• [#266029]: Improve reverse DNS lookup for ip addresses in the user interface
• [#266025]: Fix preview mode for CargoLinks only valid in the future
• [#265704]: Fix display error in the user overview for administrators
• [#265600]: Remove legacy backup section from the administration interface
• [#264176]: Do not show quick-links section when no items are available for the user
• [#263951]: Allow to re-assign an approver for a CargoLink if enabled system wide
• [#263923]: Allow to choose any user as approver for a CargoLink if enabled system wide
• [#257551]: Improve PDF journal for CargoLinks to contain relative path of files if directories are shared
• [#252256]: Show basic license information to the administrator in the dashboard

• [#264562]: Add service inheritance for new external users invited via share
• [#264471]: Fix file manager sidebar labels
• [#264470]: Fix blank tab when downloading files in safari browser
• [#264075]: Improve custom application logo
• [#263952]: Improve fallback approver notifications
• [#263924]: Add list of CargoLink approvals

• [#264469]: Fix reports months navigation
• [#264442]: Fix font rendering problem in Safari
• [#264417]: Fix CargoLinks list view when selecting expired links
• [#264353]: Fix pin display in CargoLink Wizard when enforcements are in place
• [#264178]: Fix moving shared folders in the file manager
• [#264130]: Fix missing groups favourite icon
• [#263962]: Fix “Enable Upload” setting preset in the CargoLink wizard

• [#263782]: Improve file upload error messages
• [#263781]: Fix unicode filename handling when uploading files
• [#263738]: Fix access control for fallback approvals
• [#263574]: Fix downloading of a large amount of files in the file manager
• [#262233]: Fix drag&drop file uploads for systems using the object store
• [#260632]: Prevent duplicates in data room participations

• [#261685]: Improve footer layout in the web interface
• [#261495]: Show specific information to CargoLink recipients if a link is not yet available
• [#259487]: Update to newest ruby on rails libraries for security and performance
• [#259383]: Add file system availability monitoring and alerting

• [#261706]: Fix multiple roles behavior
• [#261631]: Fix font loading in some browsers
• [#260743]: Prevent deleting users with active shares

• [#260669]: Fix share path handling for administrators
• [#260620]: Improve CargoLink detail view layout
• [#260553]: Fix word wrapping for the CargoLink preview page
• [#259837]: Fix database encryption algorithm migration
• [#259827]: Improve CargoLink API to allow file downloads
• [#259659]: Prevent browser from caching files downloaded via CargoLink
• [#259657]: Fix missing translation of error messages in file upload
• [#259101]: Allow CargoLink owner to see the confidential message content
• [#256446]: Fix closing of the notifications dialog via the bell icon
• [#250064]: Add a searchable label to a CargoLink

• [#259532]: Fix layout for journal logs (audit) page
• [#259032]: Fix error message in the FileManager when object store is not available
• [#196461]: Added sorting to DataRooms by participants count and its name

• [#257522]: Cleanup legacy tooltip library to use modern components
• [#256659]: Improve escalation when local monitoring restarts a service continuously
• [#256634]: Add monitoring to object store replication in a cluster setup

• [#257550]: Fix wrong error message on deleting share or user
• [#256435]: Update Rails 6 to 6.1

• [#256892]: Fix marking contact as private
• [#256583]: Fix contacts import with UTF-8 encoding
• [#256482]: Fix regression for OTP auth when becoming a user (as admin)
• [#256166]: Switch to Vite.js for the frontend bundling
• [#255783]: Update the minio object store version
• [#236461]: Upgrade to Rails 6 for performance and security improvements

• [#256692]: Improve 4-eyes fallback approver actions when checking a CargoLink
• [#256595]: Increase default number of entries in the contact list page
• [#256525]: Fix accidentally resetting feature states when deleting the site logo
• [#256201]: Add explicit “select folder” button when uploading files for a CargoLink
• [#256159]: Improve error message for the administrator when trying to remove a user which is still owning active shares

• [#256158]: Fix typo, add icons to the CargoLink wizard confirmation page
• [#255846]: Improve logging of background jobs
• [#255697]: Improved the description for the “Transfer-Only” mode
• [#253880]: Improve CargoLink edit page when pin and mobile number enforcements are in place

• [#255657]: Fix contacts import from CSV files
• [#255594]: Fix email sending for the fallback approver (2-man rule scenario)
• [#255553]: Fix CargoLink expiration notification scheduling
• [#255109]: Improve FolderAction execution performance
• [#253890]: Limit system information for normal administrators

• [#255404]: Fix layout on report page
• [#255212]: Adjust memory settings for the content scanner
• [#254970]: Improve view cache for CargoLinks when uploading files

• [#254622]: Fix autocomplete for teams in the CargoLink wizard
• [#254521]: Fix content scanner timeout when interacting with an ICAP server
• [#254473]: Restore old CargoLink list behaviour with active/expired links
• [#254444]: Fix content navigation entries in the file manager
• [#254414]: Allow super administrators to be configured as user manager in the SAML configuration
• [#253888]: Fix logging in the API when trying to download an expired CargoLink

• [#254386]: Remove folder rename tracking for CargoLinks and Shares to prevent unwanted side effects
• [#254064]: Improve storage pruning performance with large amount of files
• [#253694]: Use the pagination API when managing contacts
• [#253645]: Fix formatting of weekly AV scan reports when malware was found
• [#253623]: Improve stability of the content-scanner under heavy load
• [#253576]: Improve preview mode information for the CargoLink owner
• [#253503]: Fix styling in file manager when hovering over objects

• [#253578]: Fix become user feature for admin accounts
• [#253538]: User search imporved
• [#253483]: Improved upload cleanup task performance
• [#253293]: Add ability to have multiple external user IDs
• [#253159]: Implement pagination/sorting for tables
• [#250882]: Add posibility to copy link for a cargolink with anonymous recipient

• [#253393]: Fix daily log export issue with file names
• [#253161]: Update to ruby 2.7 for security and performance improvements
• [#252701]: Update to monit 5.32 for security and performance improvements
• [#252250]: Improve user management by keeping search results after editing
• [#252249]: Add a delete button to the user overview page
• [#250764]: Add support for specific CargoServer proxy for ESET AV updates
• [#238288]: Update to mod_zip 1.2.0 for security and performance improvements

• [#252716]: Update rails to 5.2.7 for security and performance
• [#252715]: Update frontend libraries to the latest versions for security and performance
• [#252682]: Fix and improve SNMP integration into the SNMP daemon
• [#251846]: Improve API performance for CargoLink recipient view
• [#250874]: Skip sending empty file lists in the weekly cleanup information mails
• [#242322]: Show the IP of the last sign in in the user management list
• [#230818]: Also prune PIN information when GDPR cleanup is enabled for CargoLinks

• [#252440]: Fix data room icons in the file manager
• [#252075]: Improve uploading large amount of files for CargoLinks
• [#251868]: Remove locked / infected files in the background when content scans are finished
• [#250900]: Fix PDF journal font to support cyrillic characters
• [#250804]: Add support for uploading full directories to a CargoLink
• [#250068]: Add support for uploading files into specific subfolders of an upload link
• [#242937]: Switch the application server to puma for improved performance

• [#252184]: Update monit to the latest version
• [#251968]: Ensure a user always has a role assigned
• [#251869]: Improve error message when creating a share for an invalid folder name
• [#251562]: Fix error message display when file upload fails and retries are triggered
• [#251538]: Fix contact editing form cleanup from last edit
• [#250803]: Implement combined file upload notifications for upload CargoLinks

• [#251860]: Fix 2FA setup for users after sign-in when enforcement is in place
• [#251739]: Fix increasing idle database connections from the background queue workers
• [#251159]: Update frontend libraries (jquery, jquer-ui) for security
• [#251158]: Fix uploading directory structures in file manager into subfolders
• [#250873]: Improve file selection and file type filtering for CargoLink upload links
• [#250765]: Improve automatic database reconnections in the background queue workers
• [#250404]: Fix quota editing for users with multiple roles

• [#250886]: Hide temporary folders from file selections in the CargoLink wizard
• [#250875]: Improve error pages layout
• [#250403]: Improve error message when trying to upload files larger then the configured limit
• [#250294]: Remove the deprecated CargoBatches API
• [#250186]: Prevent file overwrite when in “Prevent delete” mode
• [#235773]: Add role management (add/remove role from a user) to the audit list

• [#250695]: Fix upload link file size limit checks
• [#250689]: Fix uploading folders with files into the file manager
• [#250171]: Improve the error message for invalid or expired CargoLinks shown to the recipient
• [#250170]: Improve the error message when trying to overwrite an already existing file in an upload CargoLink
• [#250058]: Display the folder name of CargoLinks in the recipient view
• [#249935]: Improve cleanup of automatically generated folders for CargoLinks when auto-deleting files
• [#249714]: Improve error messages for the file uploader in case a content scanner detects unwanted content
• [#166720]: Skip OTP authentication when impersonating a user as administrator

• [#250173]: Filter out internal “.Uploads” folder for shares
• [#250172]: Fix missing translations for file retention settings (autodelete)
• [#250137]: Add SMS limits configuration for CargoLinks
• [#250121]: Add file size to CargoLink uploads in the file list
• [#249913]: Fix CargoLink message field editing when showing in the file manager
• [#249903]: Add cleanup for “.Uploads” with the the object store
• [#249632]: Add regular CargoLink manifest cache consistency checks
• [#249629]: Add redis synchronisation in a cluster setup
• [#249108]: Fix a missing permission check for CargoLinks in the file manager leading to a generic error instead of disabling the option
• [#246654]: Add improved ICAP integration with background content scanning
• [#240063]: Prevent super administrators from seeing notifications for users
• [#39343]: Add expiration information to CargoLinks in the recipient view

• [#250065]: Fix uploading very big files with the chunk based uploader
• [#249727]: Update javascript and ruby libraries for security and functionality improvements
• [#249671]: Improve database replication for sequence objects
• [#249667]: Improve captcha readability
• [#249109]: Fix tooltip in the log viewer for administrators
• [#247756]: Add cluster information to the administrator dashboard

• [#249105]: Update javascript and ruby libraries for security and functionality improvements
• [#248406]: Improve error messages for CargoLink lifetime restrictions
• [#248247]: Fix spurious SFTP upload errors when invoking the content scanner
• [#241520]: Improve DNS reverse resolution and GeoIP resolution by using asynchronous frontend processing
• [#231726]: Improve upload size limit handling when using the chunk based file uploader
• [#137080]: Implement object store synchronisation in a cluster setup

• [#248469]: Fix directory structure uploads on the file manager when using the object store backend
• [#248464]: Remove debug output on HTML pages
• [#248409]: Fix encoding problem with file names containing a “+” character
• [#248267]: Fix sign in error when a configured LDAP server is not available for feature checking
• [#248231]: Fix PIN enforcement for pre-created CargoLink edit view
• [#248135]: Fix server side error for pre-created CargoLink when enforcements are in place
• [#247413]: Allow names like “Adam F” as valid user name (single character components)
• [#245839]: Fix editing a SSH public key for a user as administrator
• [#235311]: Add resumable file upload to improve reliability with unstable network connections

• [#247608]: Fix missing page titles for some pages
• [#247497]: Improve CargoLink list view performance
• [#247484]: Fix an issue in calculating the status of a CargoLink leading to a server side error
• [#247451]: Improve manifest (available files) generation performance for CargoLinks
• [#246656]: Add support for background content scanning when creating a CargoLink from directly uploaded files

• [#247464]: Fix path quoting issue when scanning files with whitespace in the name
• [#247421]: Fix file preview controls in the file manager
• [#247283]: Fix performance issue with download callbacks after CargoLink file download
• [#247139]: Fix session overview with old and new style session identifier
• [#247138]: Fix audit journal view for some objects missing audit information
• [#246770]: Improve file manager performance for large folders
• [#242079]: Fix password warning layout
• [#235312]: Implement chunk based file uploader for CargoLinks and user dashboard

• [#246916]: Fix mobile menu icon
• [#246868]: Fix dashboard quick action display depending on features enabled for a user
• [#246853]: Fix a restart issue with background queue workers
• [#246836]: Implement a chunk based file uploader for upload links
• [#246818]: Fix CargoLink handling of files containing the “[]” special characters
• [#246769]: Fix layout of contacts and favourites in the file manager (right column)
• [#246646]: Fix colours for file manager icons for links and shares
• [#246482]: Fix layout of password reset form
• [#246378]: Implement a feature to expect regular new files from a user and otherwise stop cleaning up old files
• [#246120]: Fix folder action configuration display
• [#246036]: Fix WebDAV file upload

• [#246653]: Improve Transfer-Only mode for users which have additional features enabled
• [#246651]: Improve AV scanner settings (ESET) for ZIP file handling
• [#246645]: Fix a file manager issue where all objects are selected after a file upload
• [#246042]: Improve dashboard layout
• [#245980]: Fix PIN delivery information for approver notification email
• [#245686]: Improve share disable/enable actions
• [#245685]: Prevent sharing automatically managed folders from the file manager such as “Outgoing” and “Incoming”
• [#245680]: Improve list of shares sorting behaviour and actions
• [#245666]: Improve notification display for changed files
• [#245665]: Improve file change notification settings in the file manager
• [#245501]: Improve error display in multiple tabs when editing a user
• [#242957]: Update to proftpd 1.3.7c for security and compatibility improvements
• [#232102]: Update to PostgreSQL 12 for performance and security improvements

• [#246015]: Fix profile editing for SSO users
• [#245979]: Fix service name filter in the transfer log view
• [#245679]: Improve timestamp format in the file deletion notification email
• [#245678]: Fix path selection when editing an existing share
• [#245657]: Implement ESET AV-scanner integration with SFTP/FPTS
• [#245512]: Improve PIN delivery settings in the CargoLink wizard
• [#245406]: Fix an issue with setting expiration date for existing CargoLinks
• [#245394]: Implement system wide maximum value for CargoLink lifetimes
• [#245374]: Improve PostgreSQL stability on low system memory
• [#245182]: Fix SNMP logging permission issue by switching to syslog
• [#244886]: Implement feature enabling/disabling globally and per user for administrators
• [#243976]: Fix file change notifications for virtual file system (object store)
• [#8581]: Implement self-managed 2FA for users including system wide enforcement policy

• [#245500]: Fix translation issues in the UI when editing a user
• [#245395]: Fix an JSON date format for the CargoLinks API
• [#245375]: Improve directory selection control for shares
• [#245233]: All switching to a user account as administrator independent of the services enabled for the user
• [#245199]: Improve background queue processing for CargoLink file manifest generation
• [#245017]: Prepare for integrating ESET as content scanner
• [#244888]: Implement file deletion notifications for users
• [#242677]: Fix shortcut URLs for CargoLinks to be case insensitiv
• [#166076]: Allow to restrict file types for upload links

• [#245043]: Improve performance for loading a CargoLink via API when a huge number of downloads is already present
• [#245020]: Fix the state of CargoLinks created in the background via folder actions
• [#245019]: Fix client side download counters in CargoLink preview mode
• [#245015]: Fix logo position for users which have the navigation column disabled
• [#244981]: Fix a redirect loop when multiple roles are assigned to a user which have specific dashboard settings
• [#244879]: Fix system audit display for object store based file information
• [#244816]: Fix file manager to not select all objects after a new directory has been created
• [#244746]: Fix a cache invalidation issue of SHA1/SHA2 checksums when replacing files via SFTP
• [#244375]: Improve the list of CargoLinks display performance by optimising a database query
• [#244182]: Add the new mobile number input control to account settings and user management
• [#165343]: Implement a facility to migrate a user from file system storage to object storage
• [#241717]: Improve system configuration section to keep the currently selected tab when updating the settings
• [#242367]: Fix an issue when multiple authentication sources are enabled and the user object is updated after successful sign in
• [#241696]: Improve drag&drop feedback for folders which should use the special folder upload button instead
• [#244375]: Improve the list of CargoLinks display performance by optimising a database query

• [#244668]: Implement new UI layout for organisation management as a user
• [#243977]: Implement copying the shortcut URL of a CargoLink to the clipboard
• [#244627]: Fix user management when having disabled services still active for a user (such as FTP)
• [#244623]: Improve share participant user selection by sorting, adding an auto-complete field and searching
• [#244591]: Fix a folder action issue when creating CargoLinks automatically for new files
• [#244520]: Fix image path used in the sign-in component to not use absolute url
• [#244513]: Fix user management when storing the public key of a user
• [#244449]: Fix the user management when setting OTP via SMS as administrator
• [#244434]: Fix missing navigation entry for organisation management as user
• [#244412]: Fix an issue with CargoLink domain when using tenants
• [#244370]: Fix an issue with PIN enforcement for CargoLinks preventing CargoLinks without PIN
• [#244362]: Fix an issue when configuring the AD/LDAP source for group checks for shares
• [#244361]: Improve user management performance with a lot of users
• [#244351]: Fix invitation mail resend button for CargoLink
• [#244344]: Fix the login disclaimer display when using embedded links
• [#244320]: Fix access information as a recipient for confidential messages
• [#244319]: Fix invalid text body referencing files for confidential message download information emails

• [#244299]: Fix a caching issue with multiple recipients of a CargoLink

• [#244257]: Fix sign up after invitation when external authentication is enabled

• [#244230]: Fix share invitation link for registering an account
• [#244220]: Fix share path selection on edit
• [#244203]: Fix terms accept redirection
• [#244202]: Fix missing PIN when creating a CargoLink for multiple recipients
• [#244201]: Fix error display on sign-in failures
• [#244199]: Fix pin delivery by email as automatic fallback
• [#244196]: Fix enable/disable upload flag for existing CargoLinks
• [#244195]: Fix contact search layout
• [#244193]: Improve recipient view information when the PIN can not be sent automatically for a CargoLink
• [#244191]: Fix translations generation and loading for the frontend

• [#244175]: Fix email reconfirmation when editing a user as administrator
• [#244140]: Fix default message and subject for CargoLinks of type confidential message
• [#244074]: Fix custom CargoLink background image display
• [#244071]: Improve quota and managed quota display in the user management
• [#244046]: Fix a file cleanup issue for uploaded but unused files when creating CargoLinks (regression introduced in version 6.x)
• [#244030]: Fix the usage of custom CargoLink default text settings
• [#244023]: Fix pin delivery method when adding a new recipient to a CargoLink
• [#244020]: Improve autocomplete when adding recipients to a CargoLink
• [#244019]: Fix pin delivery method for multiple recipients when email delivery is selected
• [#243958]: Fix approver lookup via directory to honour the administration settings to enable/disable the feature
• [#243953]: Fix pin delivery by email as automated fallback when adding recipients without mobile numbers to a CargoLink
• [#243928]: Fix the setting “SMS-OTP enabled” for user management as administrator

• [#242813]: Fix CargoLink valid-from / expires-at date input
• [#242585]: Fix user management to correctly disable / enable fields depending on the authentication strategy
• [#242545]: Fix email notification for share participants when creating a new share
• [#242541]: Fix colour for the sign in button
• [#242386]: Add CargoLink expiration notification for the sender
• [#239222]: Add sorting by services for user management by administrators
• [#239656]: Add upload information to the CargoLink PDF journal (if enabled)
• [#238958]: Add CargoLink approval feature (two man rule)

• [#242434]: Fix a potential scheduled task invocation permission check
• [#242321]: Allow for setting a custom password minimum length
• [#242180]: Hide automatically managed CargoLink folders when selecting files in the CargoLink wizard
• [#242161]: Improve login name generator uniqueness based on email addresses
• [#242099]: Implement the folder action UI in the new layout
• [#242098]: Security update of javascript libraries
• [#240039]: Improve an error message when no user account can be created automatically due to email duplication check
• [#238906]: Improve automatic cleanup of expired CargoLinks to also remove empty folders

• [#242309]: Fix authentication source assignment for new, automatically created users via AD/LDAP
• [#242237]: Fix feedback message when an uploaded file is rejected by the malware scanner
• [#242218]: Fix a file upload timeout configuration on the client side component
• [#242179]: Add an informational message when file search in the CargoLink wizard returns no matches
• [#242126]: Fix an error in audit log displaying for old user objects having legacy attributes in the changes
• [#242124]: Fix an issue with CargoLink shortcut editing permissions for existing CargoLinks
• [#242123]: Fix Single Sign On button link on sign-in page
• [#242121]: Allow Single Sign On users to change their settings without providing a password
• [#242090]: Fix client side CargoLink download counter update when downloading a file
• [#242087]: Fix layout in the directory search for users
• [#242085]: Add missing logo the the transfer log view for administrators

• [#242073]: Brand new user interface - see separate release notes
• [#241472]: Fix SNMP configuration validation

• [#242088]: Fix file manager custom style include
• [#242082]: Fix API Key expiration input

• [#240939]: Fix manifest generation timeout catching for CargoLinks and return Retry-After header to the client
• [#240754]: Fix language setting detection via SAML and do not overwrite existing custom setting
• [#239221]: Fix user impersonation for administrator to check if the target user can use the web interface

• [#240923]: Update openssl to version 1.1.1k for security fixes
• [#240768]: Update the mimemagic library for licensing issues
• [#240576]: Fix custom SNMP data fetching
• [#240536]: Fix escaping special characters when displaying a confidential message
• [#240052]: Allow minimum password length configuration
• [#239886]: Update jquery library for security fixes
• [#239885]: Prevent the HTTP header X-Forwarded-Host to be interpreted for security reasons

• [#239684]: Improve automatic share mounting when signing in
• [#239532]: Update openssl to 1.1.1j for security fixes
• [#238902]: Apply filter parameters when exporting transfer logs

• [#239079] Fix a potential issue for background jobs trying to load deleted objects
• [#239611] Fix background share mounting error
• [#239468] Fix a mime-type detection regression for file downloads
• [#239472] Fix an issue with share invitation when external authentication (via LDAP/SAML) is activated

• [#239016] Disable file manager toolbar right click for layout consistency
• [#236373] Allow searching for unconfirmed users as administrator
• [#238434] Fix rules for PIN enforcement when both uploads and downloads are enabled for a CargoLink (combine enforcement policies)
• [#239005] Fix link label in the CargoLink invitation for upload links when file name hiding is enabled
• [#239004] Fix markup in CargoLink confirmation page
• [#238407] Fix a validation issue when a group of recipients is used in the CargoLink wizard
• [#237251] Allow the “.” character in shared folder names

• [#238484]: Fix folder upload with empty, nested subfolders in the file manager
• [#238432]: Fix a missing translation for account confirmation grace time in the admin interface
• [#237783]: Fix access permission for session information for sub administrators
• [#236372]: Fix an internal server error when email duplicates arise with external authentication

• [#237451]: Fix CargoLink creation with directories which might affect the automatic cleanup
• [#235482]: Implement automatic share management based on Active Directory groups

• [#237361]: Improve CargoLink download notification file path
• [#236778]: Fix an issue with ED25519 keys for SFTP
• [#236763]: Fix file checksum metadata cache management when moving files
• [#236739]: Improve Filezilla compatibility for cipher consensus with SFTP

• [#237126]: Fix an exception when synchronising ActiveDirectory groups for shares
• [#236796]: Fix an issue about scheduled file cleanup
• [#236620]: Fix an issue with checksum calculation of uploaded files with CargoLinks
• [#235726]: Improve quality with automated visual end-to-end tests
• [#235485]: Add automatic Active Directory based shares for SFTP users
• [#234092]: Fix an issue about automatically deleting files shared by CargoLink

• [#235800]: Fix an issue about updating SecureDrop expiration configuration
• [#235484]: Implement a configuration section for automatic share management based on Active Directory groups
• [#235483]: Implement automatic cleanup for shares based on Active Directory groups
• [#235481]: Implement automatic shares based on Active Directory groups

• [#235748]: Fix proxy usage for outgoing connections downloading GeoIP databases
• [#235553]: Prevent modifying CargoLinks to potentially circumvent PIN enforcement
• [#235510]: Ensure existing PIN enforcement settings are migrated to the new configuration options
• [#235441]: Fix an issue in the audit log display with deleted entries

• [#235037]: Ensure responses to HEAD requests always deliver a Content-Length header
• [#234858]: Add a link to all CargoLinks in the dashboard when in “transfer only” mode
• [#234709]: Fix a mime type detection issue with text based files for JSON, XML and CSS types
• [#231995]: Add a configuration option per user to enforce PIN and mobile number usage for CargoLinks
• [#231993]: Add a configuration option to enforce PIN and mobile number usage for CargoLinks when receiving files
• [#231992]: Add a configuration option to enforce PIN and mobile number usage for CargoLinks when sending files

• [#234632]: Fix redirect for direct links after single sign on (SSO)
• [#234611]: Improve file download speed by using asynchronous direct IO by the webserver
• [#234300]: Fix user email change reconfirmation by administrators

• [#233959]: Improve transfer log entry for confidential messages
• [#233958]: Improve download log display for confidential messages
• [#233744]: Improve inter package dependency for CargoServer applications

• [#233360]: Improve log filtering for sensitive data in error handlers
• [#233208]: Fix CargoLink PDF journal with anonymous recipients
• [#232099]: Add PostgreSQL 12 compatibility for all applications
• [#231523]: Update proftpd to 1.3.7a for security and stability improvements

• [#232442]: Fix issues with editing old CargoLinks
• [#231642]: Improve the administration dashboard to sign out automatically after the session timeout
• [#231356]: Add a check for available storage before uploading large files

• [#230807]: Add whitespace sanitising for user data like email and login fields

• [#230692]: Improve PIN prompt message on CargoLink recipient view
• [#22426]: Improve invitation emails for share participants

• [#230272]: Improve administration UI with additional hints for LDAP configuration
• [#230019]: Fix nightly session cleanup failures due to an invalid query
• [#230009]: Improve SMS delivery status checks and parameter validation
• [#229756]: Improve default timeout values for background file change detection
• [#229743]: Update bundler to version 2.1 for all projects
• [#228091]: Improve the nightly GeoIP DB update process and subsequent application reloading

• [#229897]: Improve logging for SAML requests
• [#229630]: Improve AV scanner configuration management with ansible
• [#228629]: Improve file type detection with additional ruleset for libmagic
• [#227929]: Improve logging by adding a software version information to each message
• [#227680]: Add an option to enable/disable binding sessions to a specific client
• [#226684]: Update to ruby 2.6.6 for security and performance improvements
• [#199470]: Improve logging for automatically cleaned up temporary files

• [#229539]: Implement disk usage monitoring per user and autolocking of accounts when limits are reached
• [#228247]: Improve error messages for failed uploads in the dashboard
• [#228184]: Fix content scanning when using the CargoLink API version 1
• [#226781]: Update to openssl 1.1.1g for security and performance
• [#28568]: Implement TLSv1.3 for HTTPS

• [#228594]: Fix range based download requests
• [#227387]: Improve Redis connection settings

• [#228590]: Fix primary key type on the session table to prevent out of range errors
• [#228013]: Fix heartbeat code on file uploading to the dashboard for session prolongation
• [#227927]: Fix checksum calculation after file upload via the API to use a background job
• [#227688]: Fix links in notification emails to correctly use tenant information
• [#227410]: Add validation to internal networks configuration to prevent invalid network addresses
• [#227406]: Fix a german translation about internal networks configuration
• [#28058]: Fix a replication data type issue with background jobs

• [#227910]: Fix an issue with disabled TLS for LDAP connections
• [#227685]: Fix an issue with file type detection with restricted uploads for CargoLink
• [#227670]: Fix share target path resolution
• [#227596]: Fix SFTP uploading for files larger than 2GB for some clients
• [#45513]: Update to nginx 1.18 for security and performance

• [#226977]: Improve service checks after split brain situations
• [#226753]: Add additional email header configuration for CargoLink invitations
• [#226699]: Fix share mount state detection when using bindfs
• [#226262]: Fix missing oauth2 scopes for existing API access tokens

• [#203034]: Fix missing system configuration for CargoLink notifications
• [#201503]: Fix an issue where the CargoLink PIN got sent multiple times
• [#201269]: Fix an issue with the GeoIP database download
• [#167166]: Add client network depending 2FA enforcement
• [#166358]: Improve file type detection for incoming files

• [#198674]: Add outgoing mail queue monitoring
• [#198673]: Add SMS delivery monitoring
• [#196577]: Improve testing facility for SFTP/FTPS for new versions
• [#196116]: Fix a styling issue in CargoLink invitation emails
• [#167165]: Remove deprecated TLSv1.1 for FTPS and HTTPS

• [#197739]: Fix an issue with too many pages in the CargoLink PDF journal
• [#197697]: Add a configuration option to allow a clock drift for SAML authentication
• [#197667]: Fix an issue with tenants and wrong invitation link
• [#45502]: Update proftpd to 1.3.6c for security and performance improvements

• [#197988]: Fix a potential caching issue when downloading all files at once for a CargoLink multiple times
• [#197947]: Fix an issue about wrong files being cleaned up for CargoLinks
• [#197946]: Fix an error with folder action invocation with the wrong path
• [#197738]: Improve CargoLink PDF journal for long file names
• [#195808]: Improve user feedback when denying a file upload due to malware scanning

• [#196883]: Fix a SAML attribute parsing issue with the login
• [#196111]: Fix an encoding issue with the ecall SMS provider
• [#195344]: Fix an issue in the CargoLink journal PDF with upload event details
• [#195104]: Fix an issue with file name escaping in the CargoLink detail view

• [#195875]: Fix TLS 1.3 connection attempts for FTPS
• [#195727]: Fix a custom CA certificate permission error
• [#195135]: Prevent HTML content in the CargoLink invitation message
• [#195103]: Fix invalid content-type header when the accept header could not be detected
• [#166298]: Add an option to hide file names in the CargoLink invitation email messages for confidentiality purpose
• [#166201]: Fix a potential relative path issue when triggering automated actions on file upload
• [#166113]: Switch to POST based downloads for the file manager to circumvent URL length restrictions
• [#165529]: Update LDAP library for security and certificate validation improvements

• [#195383]: Fix an issue about user device binding with altered headers

• [#166085]: Implement a configuration to enable or disable URL shortening for CargoLinks
• [#166072]: Fix an issue with flash alert messages after file uploads to a CargoLink
• [#165522]: Implement a configuration to enable or disable the SecureDrop feature
• [#165487]: Improve session security by binding the cookies to the user device
• [#135696]: Switch to the new ecall API for sending SMS
• [#31322]: Improve the position of the download link in CargoLink invitation emails

• [#165461]: Implement file type restrictions for logo and other image uploads as administrator
• [#165351]: Fix a redirect loop issue with terms and one-time-password authentication
• [#164880]: Fix an issue with IP address lookups for country information in the log view
• [#164810]: Fix an issue with the mobile number when adding a new recipient to an existing CargoLink
• [#137085]: Implement a URL shortcut for selected CargoLink recipients
• [#137084]: Implement a SecureDrop feature to upload files in a postbox fashion
• [#135607]: Fix a potential issue with invalid emails being added to the address book automatically

• [#164712]: Fix an issue with an erroneously prevented delete request in the file manager
• [#137061]: Fix a job scheduling issue when creating a CargoLink
• [#136860]: Add SMTP relay authentication via SASL
• [#136234]: Filter sensitive headers stored with HTTPS download requests

• [#136751]: Fix a timezone encoding issue when scheduling events
• [#136726]: Fix a I18n issue for generic error information
• [#134577]: Fix a volume mount discovery issue for prometheus metrics reporting

• [#135460]: Add an improved resource, lock and metadata API
• [#134485]: Add a file search backend
• [#134428]: Fix an issue with the terms rich text editor
• [#8669]: Update the APN push gateway to newest rails 5.2 version

• [#134470]: Fix an issue with a lost SSH key for a user when editing his settings
• [#31227]: Fix checklist for new customer installations regarding support connections

• [#129787]: Fix file manager to prevent deletion of shared folders
• [#129778]: Fix file manager to prevent participants from deleting target folders of shares
• [#44031]: Add more file upload details to CargoLink journal PDF
• [#33288]: Add support for OCSP stapling to the webserver
• [#32826]: Fix an issue with fast cluster switches where services where not terminated correctly

• [#129881]: Fix share mount check after user login via background queue
• [#129779]: Fix log errors after deleting a file
• [#129777]: Fix log errors when reaching the quota with SFTP
• [#129769]: Fix immediate PIN sending when adding additional recipients to a CargoLink
• [#129653]: Fix database connection sharing with background queue jobs
• [#129621]: Add Ubuntu 18.04 LTS production repository for our packages
• [#129553]: Fix SNMP proxy to read cluster state via state file as opposed to service script

• [#129544]: Improve data change discovery after fail-over (automatic switch-back)
• [#129428]: Fix a configuration migration issue for folder actions with Rails 5.2
• [#129422]: Fix a bundler version mismatch issue for CargoMail when loading Rails 5.2 library versions
• [#129418]: Fix a archive database migration issue for Rails 5.2
• [#45944]: Fix a transfer journal filter issue with service names
• [#37856]: Improve CargoMail compatibility with Ubuntu 18.04 LTS
• [#27883]: Add automated CargoServer cluster update to Ubuntu 18.04 LTS

• [#45514]: Switch to openssl 1.1.1c for security updates
• [#45508]: Remove legacy CoffeeScript frontend components
• [#45497]: Fix an issue about SMS notifications being sent on CargoLink access
• [#13723]: Support prometheus exporters on Ubuntu 18.04 LTS

• [#45356]: Fix a javascript issue when dragging files to contacts
• [#45355]: Fix a javascript issue when loading the file manager
• [#45354]: Fix a javascript issue when checking the session validity
• [#44968]: Mark email field on user management as required
• [#39290]: Switch to Ruby On Rails 5.2.3 for stability, security and performance

• [#44649]: Fix a user confirmation issue in the administration interface
• [#44426]: Fix a cache refresh issue with group memberships in external directories
• [#44089]: Fix a remote syslog buffering issue when using TCP transport
• [#44030]: Implement a facility to create preconfigured CargoLinks
• [#43912]: Implement CSV export for workflows related to data rooms
• [#43910]: Implement automatic workflow state changes based on new files
• [#39984]: Improve API documentation for data rooms
• [#39983]: Implement a resource API for data rooms
• [#38276]: Fix a mtab parsing issue on newer Linux kernels
• [#38275]: Fix a fail2ban status processing issue with Ubuntu 18 LTS
• [#37893]: Fix an issue with wrong timestamps when uploading files in the web file manager

• [#44100]: Fix a datatype size issue when storing file metadata with CargoLink
• [#44054]: Fix a parameter checking issue when marking contacts as private
• [#43930]: Fix bindfs compatibility with newer Ubuntu LTS releases
• [#43907]: Improve workflow UI
• [#43772]: Remove legacy feature “unconfirmed contacts”

• [#40614]: Fix a parameter issue when creating/updating a team
• [#40612]: Fix a parameter issue when updating a folder action
• [#40554]: Fix a parameter duplication issue when creating network restrictions
• [#40230]: Fix a bundler library version lock issue preventing startup
• [#38274]: Fix an OS package listing issue in the administration view

• [#40002]: Fix a datatype issue when setting expiration time in the cache
• [#34832]: Implement customer specific NTP monitoring rules

• [#39814]: Fix an issue with the vault mounter UI startup
• [#39292]: Fix all external libraries to exact versions
• [#38711]: Fix a parameter sanitising issue when managing users
• [#36733]: Support Ubuntu 18.04 LTS with ansible automation
• [#29847]: Fix SSHD ClientAliveCountMax setting for automatic logout
• [#13722]: Fix startup on Ubuntu 18.04 LTS with systemd
• [#7870]: Switch to “strong parameters” for web request parameter whitelisting

• [#38724]: Fix missing I18n for authentication sources
• [#38723]: Fix a database extension issue when creating objects with UUID
• [#38362]: Add UUID as external identifier for a CargoLink
• [#38361]: Add UUID as external identifiers to sender/recipients of CargoLinks
• [#37859]: Update the mounter (vault) application to Ruby on Rails 5.2
• [#32035]: Improve autofill hints for forms dealing with passwords
• [#29834]: Improve cookie security by enabling SameSite settings
• [#29588]: Improve recipient feedback when sending a PIN per SMS for a CargoLink
• [#22293]: Update authentication library devise to 4.6 for security and stability fixes
• [#21258]: Add a file cache cleanup facility

• [#38320]: Fix an issue with request_id logging generated at the webserver
• [#37404]: Fix an issue with umlauts in the preconfigured PIN for recipients
• [#35594]: Improve workflow email notifications on data rooms
• [#35550]: Fix subfolder uploads for the file manager
• [#35181]: Fix server side error with confidential message and specific user profile settings
• [#33565]: Fix errors when uploading files after session timeout
• [#32296]: Fix CargoLinks with multiple recipients having preconfigured PINs
• [#32050]: Implement user list export for administrators
• [#31247]: Update nginx and openssl to recent version for security fixes
• [#23988]: Fix file downloads with “%” characters in the name
• [#15291]: Reschedule weekly AV scan and report to Sunday evening

• [#31881]: Fix a SFTP quota issue with proftpd

• [#35620]: Fix german translations for CargoLink PDF Journal
• [#31054]: Improve build infrastructure for Ubuntu 18.04 LTS
• [#28564]: Update to Ruby 2.5 for security and performance
• [#20507]: Fix a potential background queue concurrency issue

• [#30158]: Improve large ACL import with background processing

• [#34828]: Improve cache invalidation for CargoLink file lists
• [#34789]: Fix an upload issue with drag&drop in the file manager for folders
• [#30088]: Improve folder action call delay/limiting
• [#29389]: Implement a CargoLink PDF transfer journal
• [#29387]: Implement permanent metadata storage for CargoLink payloads
• [#13425]: Implement soft delete for CargoLink objects

• [#33022]: Implement multiple application_ids for APN subscriptions
• [#33021]: Implement multiple application_ids for APN on the push gateway
• [#31944]: Implement IP restrictions for tenants
• [#30161]: Implement CargoLink statistics metric with prometheus

• [#32361]: Fix transfer log display when GeoIP database is missing
• [#32195]: Fix nginx based file uploading for the filemanager using CSRF protection

• [#31112]: Replace JS fetch API calls due to browser incompatibility
• [#31108]: Improve ansible output management for updates
• [#29388]: Add basic PDF creation facility to the backend

• [#30872]: Fix terms display date and checks when re-approving the terms
• [#30728]: Update to openssl 1.1.1a for security updates
• [#30717]: Implement LC_* environment variable cleanup for SSH connections
• [#30716]: Fix date format checks when collecting error information metrics
• [#29836]: Implement POST only requests for the file manager
• [#29835]: Improve CSRF checks for the file manager
• [#29799]: Implement custom user login format checkers
• [#29793]: Improve automated cluster updates (maintenance mode)
• [#29785]: Implement domain based rules for postfix when using CargoMail
• [#29517]: Fix an issue with the API key expiration date set to the current date by default
• [#21580]: Fix a typo in a DB view for unified transfer querying

• [#30155]: Fix a class inheritance issue with background jobs
• [#29827]: Fix user name validation (firstname lastname)

• [#29900]: Fix unicorn server timeout configuration reload
• [#29879]: Update to nginx 1.14.1 for security reasons
• [#29596]: Improve the API documentation about pin delivery options
• [#29580]: Implement usage terms re-approval after update

• [#29509]: Fix Content Security Policy to allow inline images (data attribute)
• [#29393]: Improve CargoLink recipient view introduction text
• [#29392]: Implement configurable PIN delivery by email

• [#29342]: Fix CargoLink download notification backlink for tenants
• [#28923]: Implement custom usage terms to be accepted by all users

• [#28756]: Fix the profile icon
• [#28664]: Fix metric collection with encrypted datastore (vault)

• [#28563]: Update to openssl 1.1.1 for security and TLS1.3 preparation
• [#28149]: Fix a typo in the CargoLink invitation subject
• [#27885]: Implement 10 minutes error counter statistics via prometheus
• [#22309]: Implement key=value format logging for integration into SIEM systems

• [#22486]: Implement automated virtual node creation
• [#18758]: Implement upload limit management via ansible

• [#27544]: Fix profile settings limit for CargoLinks (number range)
• [#27367]: Update to openssl 1.1.0i for security updates
• [#25109]: Implement separate AV-Engine update management
• [#24799]: Implement expiration of DataRoom objects
• [#24373]: Fix max_downloads configuration limit checks
• [#22649]: Improve test coverage for storage pruning
• [#19030]: Implement full product configuration management

• [#24490]: Fix keepalived custom settings deployment
• [#24083]: Implement customer specific application timeouts
• [#6843]: Implement “copy to clipboard” for CargoLinks

• [#24395]: Implement default country prefix for mobile numbers
• [#24380]: Fix an issue with autocompleting mobile numbers on IE11
• [#24261]: Improve package cleanup after automated software update
• [#24050]: Fix an issue with JSON data store authentication
• [#24023]: Implement customer specific snmpd settings
• [#22520]: Fix an issue with wrong image urls in the browserconfig.xml file
• [#18755]: Implement automatic and custom keepalived configuration management

• [#22838]: Fix an issue with editing email and login attributes as administrator

• [#23093]: Implement the configuration of prepared_statements for DB connections
• [#21448]: Implement fail2ban management via ansible
• [#17705]: Improve the job queue monitoring for failed jobs

• [#22703]: Fix a cache invalidation issue when updating ACL entries for CargoLinks
• [#22621]: Fix a cache invalidation issue when group membership in an external AD changes
• [#22609]: Update to nginx 1.14 for security and stability improvements
• [#22600]: Implement cleanup for temporary files when exporting transfer logs
• [#22247]: Increase system limits for file system watches via inotify
• [#22165]: Implement explicit UTF8 support in FTP(S) connections when using the FEAT command
• [#21148]: Prevent administrators to use “become user” then the target user has the web interface disabled
• [#18994]: Implement 2FA via SMS policy for auto-provisioned users via AD/LDAP

• [#22502]: Fix an email template issue for account creation errors
• [#22499]: Fix an issue with proftpd deny filter for hidden files
• [#22450]: Fix an issue with seed data on new installations
• [#22429]: Improve german documentation for account registration
• [#21806]: Implement transfer log exports as CSV for administrators

• [#22173]: Implement customer specific SFTPKeyExchange settings
• [#22168]: Improve ansible logging on managed nodes
• [#22060]: Implement a “Referrer Policy” header for improved security
• [#21804]: Fix a DB replication issue when detecting sequence dependencies
• [#21650]: Fix an issue with folder uploads into the file manager
• [#21573]: Implement extended object ID value ranges (bigint)
• [#21308]: Implement customer specific SFTP/FTPS debug logging
• [#21274]: Fix hidden files configuration (dot-files) for proftpd
• [#18627]: Improve cron job handling in maintenance mode
• [#8530]: Update to monit 5.25.1 for security and stability improvements

• [#22059]: Fix an issue when adding share participants by email
• [#21798]: Update to openssl 1.1.0h for security updates
• [#21781]: Fix a startup issue when multiple postgresql versions are available
• [#21776]: Fix a replication start issue in maintenance mode
• [#21562]: Fix a shell script syntax issue with the replication starter script
• [#21443]: Fix a metrics collector issue when services are starting/stopping
• [#13699]: Update CargoMail to ruby 2.3.6
• [#9793]: Improve audit logs display for removed share participants

• [#21376]: Fix an issue with SCP logging (file size placeholder)
• [#21321]: Fix an issue with the transfer log exporter (file name special characters)
• [#21280]: Fix an issue with mod_statcache for proftpd changing file permissions
• [#21247]: Fix an issue with missing CA files for proftpd
• [#21241]: Fix an issue for proftpd TLSOptions and AllowEmptyPasswords (upstream bug)
• [#21203]: Increase the DB replication timeout to optimise for large changesets
• [#21149]: Fix an issue with a slow DB query for the administration dashboard

• [#20508]: Add nginx secure_link module for protecting temporary urls
• [#20465]: Fix proftpd configuration with TLS session ticket settings
• [#19107]: Monitor SSL certificate for expiration
• [#18754]: Add a maintenance mode for cluster updates
• [#8958]: Improve dot-files handling in the file manager and proftpd
• [#8372]: Improve verification if shares are enabled for a user
• [#7857]: Update to jQuery version 3

• [#20303]: Implement configurable session timeouts
• [#20280]: Fix an issue with SFTP logging when deleting files
• [#19128]: Fixed a DB password change task with ansible node management
• [#18769]: Fix an issue with account manager assignment when editing users
• [#17471]: Fix SFTP session tracking by ignoring monitoring connections
• [#16736]: Update to openssl 1.1
• [#12385]: Implement improved memory management with jemalloc for ruby
• [#9080]: Improve log output of background file system monitoring
• [#7483]: Improve email link for CargoLinks when using a desktop email application
• [#7252]: Improve german localisation for the administration interface

• [#18997]: Improve CargoMail package management with ansible
• [#18969]: Remove ansible 2.4 deprecated syntax for node management
• [#18968]: Improve multi-user ansible setup for node management
• [#18967]: Fix an issue with user preferences editing and disabled CargoLink upload features
• [#18852]: Implement custom mailname support for nodes
• [#18851]: Implement configurable SFTP logging for nodes
• [#18842]: Implement internal DNS domain support for nodes
• [#18366]: Implement environment based configuration for the database replication
• [#15307]: Disable TLS 1.0 and TLS 1.1 by default
• [#11261]: Update to proftpd 1.3.6
• [#7415]: Improve SMS delivery retry scheduling

• [#18757]: Improve serving cached static SVG files
• [#18727]: Improve environment based DB connection handling
• [#18628]: Implement customer specific FTPS ciphers and TLS protocols
• [#18181]: Add a german user guide
• [#17703]: Update to ansible 2.4 for node management
• [#16775]: Add cookie information to the sign-in page
• [#15365]: Fix a file encoding issue (non UTF-8)
• [#9091]: Improve error displaying when a file upload fails

• [#18492]: Improve background job error handling
• [#18405]: Fix a I18n issue with SMS status information
• [#18270]: Update to openssl 1.0.2n
• [#18269]: Update to nginx 1.12.2
• [#18261]: Improve ntp configuration
• [#18021]: Improve CargoLink download access checks
• [#17573]: Implement postgres credential management via ansible

• [#18252]: Implement proftpd custom settings with ansible
• [#18232]: Implement custom sshd settings with ansible
• [#17699]: Implement background queue monitoring and alerting
• [#17694]: Implement cluster configuration with ansible
• [#17589]: Fix a unicorn status display issue
• [#17572]: Implement encrypted SSL certificate management with ansible
• [#8105]: Fix a contact parsing issue when using the address book in the CargoLink wizard

• [#18176]: Fix an issue when displaying CargoLinks with nested directories
• [#18114]: Implement node role metric with prometheus
• [#18109]: Implement NTP metrics and alerts with prometheus
• [#18055]: Fix a share JS issue when inviting participants by email address
• [#18024]: Fix a directory ownership in /opt/cargo
• [#17759]: Improve file system event dispatch monitoring
• [#17747]: Implement application version metrics with prometheus
• [#17725]: Fix an issue when downloading directories as ZIP files containing the ‘?’ character in the name
• [#17692]: Implement SenderID compliant headers for email messages
• [#13718]: Fix an issue when comparing email addresses by using case-insensitive operations
• [#9089]: Fix a display issue with long file names in a CargoLink

• [#17963]: Improve JSON data store for CargoLinks
• [#17852]: Fix permission checks on user data directories
• [#17761]: Implement group membership filters for CargoLinks
• [#17760]: Improve host based configuration for ansible
• [#17570]: Implement encrypted configuration elements with ansible
• [#13646]: Fix rabbitmq startup monitoring
• [#13640]: Fix prometheus access via ssh
• [#9812]: Improve SAML local logout

• [#17816]: Implement ansible template validation
• [#17795]: Fix prometheus file system metric gathering
• [#17781]: Implement unicorn worker settings via ansible
• [#17757]: Improve initial database password generation
• [#17741]: Implement firewall rebuild when changing settings via ansible
• [#17737]: Fix content scanner file path encoding with special characters
• [#17704]: Implement Cargo software update via ansible
• [#17701]: Update proftpd configuration to use database functions
• [#17690]: Improve email validation and recipient parsing
• [#17432]: Implement configuration of max. login attempts via ansible
• [#17391]: Implement a unified transfer view for administrators
• [#17028]: Improve HTTPS monitoring for prometheus

• [#17648]: Fix an issue with custom cache intervals for CargoLinks
• [#17590]: Fix an issue with prepared statements in the background queue
• [#17458]: Fix an issue with public key lookup for SFTP
• [#17447]: Improve automated configuration rollout for managed nodes
• [#11137]: Fix an issue with encoded file names when using WebDAV with the macOS finder
• [#7670]: Improve the documentation generation by using asciidoctor

• [#17390]: Improve remote system management and automation
• [#17025]: Fix a file manager navigation issue
• [#17013]: Improve cargo update automation
• [#15355]: Improve CargoLink manifest generation and caching
• [#15353]: Implement a file resource API on top of CargoLinks
• [#15312]: Fix long cache key handling
• [#15190]: Improve local DB connection settings
• [#9002]: Fix a browser header parsing issue (wrong encoding)
• [#7364]: Implement automatic account locking based on authentication failures

• [#17016]: Improve bulk user import
• [#16949]: Update to ruby 2.3.5 for security fixes
• [#8936]: Implement profile edit restrictions for users

• [#16761]: Fixed a load path issue with libraries
• [#16738]: Fixed a class namespace issue
• [#15348]: Implement custom invitation subjects for CargoLinks
• [#15347]: Implement email sending policy per user

• [#13578]: Fix an issue with counting currently active web users
• [#12433]: Support Redis as cache store
• [#11274]: Update to nginx 1.12.1
• [#8209]: Improve monit status integration into the administration web interface

• [#15298]: Fix an issue when moving an existing account to AD authentication
• [#15292]: Update to openssl 1.0.2l
• [#15282]: Fix a german translation issue in the administration interface
• [#15269]: Fix a circular dependency issue
• [#15192]: Add more options to the file TTL setting
• [#15171]: Update to ruby on rails 4.2.9
• [#13906]: Fix a share duplication path check issue
• [#13825]: Fix a redirect issue after editing a CargoLink
• [#13568]: Instrument nginx for prometheus monitoring
• [#13424]: Fix a download logging inconsistency (file name versus full path)

• [#13860]: Fix an issue when detecting mounted shares with spaces in their name
• [#13824]: Fix a typo in the english CargoLink invitations subject
• [#13756]: Improve sign in error feedback
• [#13289]: Fix an issue with email addresses containing umlauts

• [#13814]: Implement CargoLink specific caching intervals
• [#13747]: Fix an issue with CargoLink uploads double logging into service transfers
• [#13744]: Fix an issue with ansible proxy settings
• [#9067]: Implement signed and encrypted SAML messages
• [#8224]: Implement an option to remove old CargoLink download logs

• [#13698]: Update ruby to version 2.3.4
• [#13515]: Improve CargoLink invitation subject
• [#13514]: Fix WebDAV OPTIONS for windows clients
• [#8229]: Implement CargoLink settings enforcement for administrators

• [#13628]: Fix an issue with SMS encoding using a mail gateway
• [#13559]: Fix an issue with Javascript initialisation for some views
• [#13558]: Fix an issue with WebDAV external authentication
• [#12384]: Implement adding recipient mobile numbers in the CargoLink wizard

• [#13550]: Fix JS date picker control initialisation
• [#12447]: Fix CargoLink wizard server exception handling
• [#12382]: Fix authenticated WebDAV GET request server errors
• [#11246]: Implement file system events in a AMQP message queue

• [#13280]: Update unicorn application server to version 5.3
• [#13273]: Implement prometheus base monitoring exporters
• [#12445]: Fix queue worker thread monitoring in cargod
• [#11273]: Implement WebDAV locking feature toggle
• [#11231]: Implement AMQP broker server configuration
• [#9203]: Fix archive interval calculation
• [#7152]: Fix share read/write change application

• [#12443]: Fix an issue with automatic CargoLink deletion (file remover)
• [#9209]: Implement ServiceTransfer logging for WebDAV
• [#8925]: Implement autodelete (content remove) for confidential messages

• [#11142]: Improve english translations
• [#9768]: Improve background job performance rebuilding CargoLink manifests
• [#9307]: Improve the dashboard view and honor the enabling/disabling of CargoLinks to receive files
• [#9258]: Fix an issue for MS IE when downloading files with UTF-8 encoded names

• [#9794]: Fix an issue regarding logging of WebDAV sessions
• [#9785]: Fix some translation issues in the admin panel when using German as the default language
• [#9293]: Fix restrictions regarding upload CargoLinks in new CargoLink wizard
• [#9256]: Allow CargoLink recipients to upload multiple files at once
• [#8935]: Prevent users from editing CargoLinks generated by CargoMail

• [#9314]: Remove some legacy DRBD parts from cluster file synchronization script
• [#9276]: Fix an issue regarding missing german translations for the login page
• [#9253]: Allow admins to enable / disable the AD group share feature
• [#9096]: Fix an issue in the admin audit log regarding Cargo user deletion
• [#9088]: Fix an issue regarding overly detailed upload progress percentage
• [#8922]: Implement logging for WebDAV sessions
• [#8896]: Auto-mount shares for AD groups upon first login / Cargo account creation
• [#8830]: Allow enforcement of PIN usage on all CargoLinks
• [#3894]: Allow Shares to AD group members

• [#9125]: Add missing release notes for Cargo 4.0.13
• [#9124]: Fix an issue with ZIP downloads in conjunction with items that are still pending content scanning
• [#9069]: Fix an issue regarding visitor group refresh caching
• [#8924]: Prevent AD synchronized users from changing their name, email and phone number in Cargo
• [#8894]: Allow IP restrictions for WebDAV service usage
• [#8892]: Implement basic WebDAV support
• [#8889]: Implement file locking required for WebDAV support
• [#7833]: Fix an issue regarding folders with slashes in their names
• [#7513]: Delete files & folders uploaded using the Easy Dashboard when no CargoLink was ever created
• [#6778]: Prevent Cargo admins from editing AD synchronized user details

• [#9060]: Fix an issue regarding keepalived restarts in Cargo cluster setups
• [#9059]: Fix an issue regarding SAML IDP certificate formatting
• [#9053]: Update nginx to version 1.10.3
• [#9051]: Disallow bulk download on CargoLinks with all items still pending content scan
• [#9050]: Fix a file download logging issue regarding background content scans
• [#9049]: Fix a sporadic error message when moving folders in WebFM
• [#9045]: Fix an issue in provisioning regarding proftpd.conf include statements
• [#8593]: Speed up failovers by keeping nginx, proftpd and unicorn running on both cluster nodes at all times
• [#8327]: Implement background content scanning for CargoLink uploads
• [#8318]: Implement background content scanning for uploads via Easy Dashboard
• [#7232]: Increase max. number of open files for Cargo processes

• [#9043]: Fix an issue regarding package installation not catching errors during DB migration
• [#9033]: Fix an issue regarding DB migration of the super admin flag
• [#9007]: Update OpenSSL to version 1.0.2k
• [#9001]: Reduce number of log messages when calculating file checksums
• [#9000]: Include /data/config in nightly Cargo backups
• [#8987]: Fix an issue regarding certain file extensions (.bak, .core) getting hidden in CargoLinks
• [#8969]: Improve cleanup of aborted large HTTPS uploads
• [#8951]: Fix a logging issue regarding files uploaded using the new CargoLink wizard
• [#8946]: Update keepalived to version 1.3.2
• [#8887]: Fix an issue regarding archiving of transfers with long filenames / paths
• [#8866]: Allow GeoIP restrictions on FTP / FTPS / SFTP connections
• [#8420]: Improve the message indicating remaining views of a confidential message
• [#8328]: Prevent users from accessing files that are still getting scanned in the background

• [#8945]: Update ProFTPd to version 1.3.5d
• [#8933]: Improve separation between nginx access and error logging
• [#8927]: Prevent confidential message content from getting logged
• [#8901]: Fix an issue regarding fail2ban log rotation
• [#8890]: Run the hourly cache warmup on Cargo slave nodes as well
• [#8888]: Move long-running manifest generation for a CargoLink to the background
• [#8178]: Fix an issue regarding email notifications for users with special characters in their name
• [#8176]: Fix an issue regarding email notifications after a confidential message has been downloaded

• [#8904]: Fix a path monitoring issue for folder actions when matching sub-directories
• [#8884]: Add email alerting when exceeding certain resource limits
• [#8839]: Unify the manifest and the file list generated for CargoLinks
• [#8725]: Make the number of unicorn workers configurable
• [#7869]: Move all inline JavaScript code into separate CoffeeScript files
• [#7751]: Fix a share creation issue when comparing the path with existing shares
• [#6730]: Allow multiple super-admins on a Cargo instance

• [#8837]: Speed up generation of the file manifest
• [#8834]: Fix an issue preventing email notifications for new CargoLinks in the classic wizard
• [#8833]: Fix an issue with the mouse-over text in the LDAP user directory admin search results
• [#8720]: Prevent auto-deletion of folders in case there’s other CargoLinks pointing to it
• [#7510]: Fix an issue regarding auto-deletion of expired CargoLinks

• [#8811]: In Cargo cluster setups, trigger a fail-over in case the database on the designated master becomes unresponsive
• [#8765]: Fix an issue regarding expired CargoLinks with GeoIP restrictions
• [#8755]: Update management SSH configuration for stronger ciphers and best practice security settings
• [#8735]: Fix an issue regarding account sign up / user self-registration
• [#8733]: Fix an issue when the LDAP user directory for address lookups isn’t reachable
• [#8010]: Update Ruby to version 2.3.1
• [#7500]: Display contacts and favorite contacts in filemanager sidepanel
• [#7253]: Improve some of the German translations
• [#7176]: Improve ProFTPd session status handling
• [#6600]: Implement plivo.com as a new SMS gateway provider

• [#8716]: Update nginx to version 1.10.2
• [#8713]: Improve filtering and pagination of Cargo journal / admin audit log
• [#8710]: Fix an issue with restarting Cargo services after unlocking an encrypted filesystem
• [#8705]: Fix an issue regarding SHA1 checksum calculations on directories
• [#8704]: Fix an issue in CargoMail regarding startup and queue processing behaviour
• [#8674]: Localized and improved error pages (for HTTP errors 404, 500 etc)
• [#8591]: Prevent the weekly anti-virus scan from following Cargo shares
• [#8326]: Async content scanner: Prevent users from accessing unscanned files
• [#6670]: Allow restrictions based on which country a CargoLink access request is coming from (GeoIP)

• [#8711]: Fix an issue regarding file-synchronization during fail-overs in cluster setups
• [#8687]: Update ClamAV to version 0.99.2
• [#8647]: Fix error handling when user directory server IP or credentials are wrong
• [#8449]: Disable PIN input field when creating a CargoLink for a recipient group

• [#8672]: Allow for multiple AD servers with fail-over capabilities
• [#8658]: Improve DB replication monitoring
• [#8648]: Show the full name and mobile number when autocompleting CargoLink recipients
• [#8585]: Show directory contact visibility information to the administrator
• [#8228]: Fix an issue when computing disk usage and 0 bytes are allocated
• [#7943]: Allow adding a mobile number to a CargoLink’s recipient

• [#8592]: Show the admin owning a certain directory in LDAP directory configuration section
• [#8584]: Update OpenSSL to version 1.0.2j
• [#8572]: Prevent creation of duplicate contacts when using a central user directory
• [#8184]: Show the required mobile number format when adding / modifying a contact
• [#6615]: Update list of Cargo package dependencies

• [#8557]: Fix an issue when admins are editing a user account
• [#8543]: Automatically update GeoIP database on a weekly basis
• [#8542]: Enable users to use contacts from an external address book when creating new Shares
• [#8537]: Fix an issue regarding session timeouts during large uploads
• [#8525]: Fix a potential javascript issue when uploading large files with a browser
• [#8523]: Fix alerts regarding a stalled DB replication
• [#8455]: Allow admins to configure external address book lookups via AD / LDAP
• [#8445]: Use binstubs for Ruby application gems
• [#8347]: Fix an issue regarding a deleted user still having active CargoLinks
• [#8319]: Implement background scanning of uploaded files
• [#8300]: Fix an issue with antivirus reports falsely marking disappeared files as infected
• [#7655]: Improve error message in case CargoLink settings cannot be saved as user’s new default
• [#4198]: Enable users to use contacts from an external address book when creating new CargoLinks

• [#8531]: Update keepalived to version 1.2.23
• [#8529]: Fix an issue regarding the page titles for new upload CargoLinks & confidential messages
• [#8471]: Fix an issue regarding the links from a CargoLink view back to Web file manager
• [#8081]: Fix an issue regarding local accounts when using SAML authentication
• [#7788]: Update OpenSSL to version 1.0.2h

• [#8436]: Fix submission of contact information via CargoLink recipient parameter
• [#8431]: Fix File Manager sorting by modification time
• [#8375]: Update Rails to version 4.2.7.1
• [#8325]: Implement asynchronous content-scanning facility for Web Filemanager uploads
• [#6092]: Reduce DB backup compression level to increase backup speed

• [#8411]: Fix an issue with translations of authenticated CargoLinks
• [#8410]: Fix an issue when configuring new tenants (subdomains)
• [#8405]: Get SSL certificate path from environment in proftpd.conf
• [#8403]: Fix an issue preventing the creation of a share on sub-folders in elFinder
• [#8402]: Improve description of “Unlimited Downloads” field in account settings
• [#8401]: Fix an issue regarding invalid input for CargoLink max. number of downloads
• [#8400]: Fix an issue when setting maximum downloads on an existing CargoLink to 1
• [#8395]: Fix an issue regarding the display of the close button on the old CargoLink wizard
• [#8392]: Fix a routing issue when editing existing folder actions
• [#8384]: Add asynchronous content scanning feature flag
• [#8376]: Add proper validation to user profile settings
• [#8036]: Allow drag&drop of files from desktop onto contacts/favorites
• [#7856]: Update elFinder (File Manager) to the latest version
• [#7480]: Fix sanitization of HTML in CargoLink email messages
• [#6669]: Add GeoIP information to CargoLink download reports

• [#8393]: Get DB credentials from environment variables in proftpd.conf
• [#8370]: Add a Cancel button to the confidential message dialog
• [#8369]: Fix an application issue when the ClamAV content-scanner isn’t available
• [#8362]: Enable server-side copying for FTP / FTPS (SITE CPFR/CPTO commands)
• [#8351]: Fix default quota and anti-virus report sender email address and X-Sender header
• [#8280]: Switch scheduled maintenance tasks to use syslog
• [#8276]: Fix an issue when resolving a AD distribution list for folder actions
• [#8059]: Report Anti-Virus content scanner violations on a single log line
• [#8030]: Allow unlimited downloads of a CargoLink as a user default setting
• [#7882]: Allow setting / unsetting unlimited downloads on an existing CargoLink
• [#7427]: Allow sorting of CargoLinks based on creation and expiration date

• [#8365]: Fix a CSS issue in the admin configuration section
• [#8349]: Fix a user authentication issue in conjunction with CargoMail & SAML
• [#8311]: Fix an issue with CargoMail startup
• [#8310]: Fix rsyslog configuration for CargoMail
• [#8165]: Fix application of a user’s default PIN when creating new CargoLinks
• [#7652]: Refuse files if (anti-virus) content scanner cannot be invoked
• [#7448]: Offload SHA checksum calculation for uploaded files to nginx

• [#8302]: Improve HTML layout for mobile recipients
• [#8298]: Correct a typo in the german localisation when sending a download notification
• [#8296]: Fix an issue when loading a folder action in the background
• [#8284]: Add X-Sender header to notification mails for new shares
• [#8275]: Fix a scheduling issues for actions using a weekly schedule
• [#8246]: Increase allowed memory limit when monitoring CargoMail
• [#8168]: Improve file manager link on the dashboard with an icon
• [#7575]: Use syslog for CargoMail
• [#7430]: Allow for enabling uploads directly in the CargoLink wizard
• [#4196]: Improve upload progress feedback when scanning files for malware

• [#8235]: Update nginx to version 1.10.1
• [#8216]: Add an API to get the current oauth visitor information
• [#8047]: Add random SECRET_KEY_BASE to /data/config/env
• [#7853]: Optimize CargoLink recipient view for smartphones
• [#7536]: Fix a display issue with the LDAP user search mask
• [#7509]: Remove all customizations from production.rb

• [#8198]: Fix ClamAV logrotate scripts
• [#8186]: Fix an API ACL performance issue
• [#8179]: Fix an issue regarding backslashes in shared folder names
• [#8159]: Automatically start CargoMail if installed
• [#8103]: Update keepalived to version 1.2.20
• [#8102]: Update nginx to version 1.10.0
• [#8101]: Improve error message when an admin tries to create an invalid Share
• [#8011]: Fix a potential stale caching issue for the menu
• [#7982]: Restrict read permissions on /var/log/xferlog
• [#7508]: Fix calculation regarding unicorn memory limits

• [#8164]: Fix some typos and inconsistencies in the WebUI
• [#8163]: Fix rubyrep_wrapper access permissions
• [#8099]: Update monit to version 5.17.1
• [#8093]: Use 4096-bit RSA keys instead of 1024-bit DSA keys for SFTP
• [#8092]: Update OpenSSL to version 1.0.1t
• [#8085]: Add RAR archive scanning support to ClamAV
• [#8082]: Increase ClamAV scanning timeout for uploads via the WebUI
• [#8067]: Fix a public group membership query issue for externally authenticated visitors
• [#8043]: Fix transport log export with regards to automatically deleted files
• [#7907]: Allow scheduled creation of CargoLinks via a Folder Action
• [#7432]: Implement new confidential message wizard
• [#7179]: Fix IE11 referrer hiding when linking to external URLs

• [#8069]: Fix handling of filenames and paths in download notifications and cache warmup background job
• [#8066]: Fix WAF header authentication precedence
• [#8022]: Fix fallback authentication via other authentication sources when using SSO via SAML
• [#4534]: Prevent admins from creating loops when configuring Shares

• [#8029]: Make ClamAV (clamd/freshclam) use syslog instead of directly logging to a file
• [#8009]: Fix display of files uploaded via a PIN-protected CargoLink
• [#7981]: Apply a more restrictive umask on user data, only granting Cargo services read/write access
• [#7979]: Add “no-store, no-cache” to Cache-Control headers to prevent caching of sensitive information
• [#7963]: Increase ClamAV maximum scan size to 1 GB, move temporary archive extraction path to /data/tmp
• [#7872]: Add ActiveSupport v4 compatibility to monit
• [#7739]: Integrate HMAC protected user id propagation from external systems using HTTP headers

• [#7977]: Update ProFTPD to version 1.3.5b
• [#7909]: Allow expiration extension on CargoLinks pointing to an empty folder
• [#7898]: Added permission layer to the key/value store available with each CargoLink
• [#7744]: Allow excluding attributes in the CargoLink manifest
• [#7404]: Do not traverse bindfs Shares in disk usage calculation background job

• [#7967]: Fix rake-wrapper.sh job locking mechanism
• [#7962]: Fix issues with the “More settings” section of the old CargoLink wizard
• [#7954]: Fix an issue with CargoLinks pointing to the wrong subdomain in a multi-tentant setup
• [#7953]: Fix an issue regarding files uploaded via a CargoLink not getting immediately displayed

• [#7908]: Fix an issue regarding quoting in CargoLink invitation messages
• [#7905]: Update to Rails 4.2.5.2 (preflight), Rails 3.2.22.2 (webapp)
• [#7899]: Update OpenSSL to version 1.0.1s
• [#7897]: Fix log export when users have been deleted
• [#7889]: Do not filter login_token in rails.log
• [#7886]: Fix an issue with some icons missing in font-awesome 4.4.0
• [#7810]: Fix an issue where the admin audit logs were missing some information

• [#7875]: Update glibc to fix CVE-2015-7547
• [#7861]: Fix a caching issue of the files displayed in a CargoLink for the recipient
• [#7825]: Fix an exception regarding downloads of non-existing files
• [#7769]: Update preflight app to Rails 4.2
• [#7759]: Update the devise Ruby gem to version 3.2.4
• [#7757]: Update jQuery Ruby gem to version 3.1.4
• [#7538]: Fix an issue when duplicate recipients are specified for a CargoLink

• [#7838]: Fix the handling of subdomain URLs
• [#7827]: Fix an issue with folder-action-monitor signal handling during startup
• [#7824]: Increase the type of up/download size in the DB to bigint, allowing logging of transfers of up to 64TB
• [#7738]: Build nginx using the latest version of mod_zip
• [#7735]: Implement public groups for the API ACL
• [#7703]: Peridiocally refresh a visitor’s ACL group membership
• [#7558]: Enforce ACL permissions on CargoLinks

• [#7808]: Update to OpenSSL 1.0.1r
• [#7789]: Update to nginx 1.8.1
• [#7734]: Show the actual client IP in rails.log instead of the upstream proxy IP
• [#7732]: Fix an issue regarding IE11 file uploads when using the new dashboard
• [#7730]: When cargo-mail is installed, permit incoming SMTP from the servers configured in postfix main.cf
• [#7721]: Export all environment variables defined in /data/config/env to Rails environment
• [#7696]: Update config and documentation to contain our new jumphost IP for maintenance access
• [#7419]: Do not trigger CAPTCHA upon reloading the login page
• [#7408]: Hide text ‘Click on the envelope to see its content’ when the secret message is displayed

• [#7666]: Increase kernel memory allocated for inotify user watches
• [#7664]: Improve monit postgresql socket monitoring
• [#7654]: Increase number of nginx workers to prevent blocking behaviour during large file uploads
• [#7644]: Fix an issue where downloading a zipped directory via a CargoLink wouldn’t generate a notification mail
• [#7612]: Fix the display of number of remaining downloads on a CargoLink with multiple recipients
• [#7605]: Update to OpenSSL 1.0.1q
• [#7600]: Fix wording regarding notifications about Share participants
• [#7597]: Fix an issue where the expiration date for partially downloaded CargoLinks could no longer be increased
• [#7571]: Fix an issue where a CargoLink would mistakenly get assigned a random PIN under certain conditions
• [#7569]: Fix an issue where setting a custom PIN for a CargoLink might not work under certain conditions
• [#7553]: Improve CargoLink expiration time input validation
• [#7512]: Improve quota and content checks before moving uploaded data to a user’s home directory
• [#7450]: Prevent users from configuring negative numbers of max downloads for CargoLinks

• [#7578]: Fix an issue with password recovery getting erroneously enabled during provisioning
• [#7574]: Update to custom-built monit 5.15 to improve speed and stability
• [#7573]: Fix an issue in the classic CargoLink wizard when setting an expiration time of only a few minutes
• [#7570]: Fix an issue preventing the creation of local Cargo users
• [#7568]: Fix an issue regarding the display of expired CargoLinks
• [#7567]: Fix an issue where confidential messages were missing the envelope icon when using the old CargoLink wizard
• [#7565]: Fix visibility of “New upload” button at the top left when using the old CargoLink wizard
• [#7559]: Remove a few obsolete ‘monit monitor’ calls from cargo init-script
• [#7529]: Improve failover mechanism of Cargo HA cluster
• [#7477]: Fix an issue where a wrong path for a file might be shown depending on how it’s downloaded
• [#7461]: Prevent monit from stopping services under high system load
• [#7459]: Update to keepalived 1.2.19 to improve failover speed and handling of gratuitous ARP
• [#7455]: Fix cargo-replicator.sh mechanism of finding rubyrep’s PID when killing it
• [#7449]: Fix an issue with a download of multiple files stalling under certain conditions

• [#7549]: Fix an issue with rubyrep not starting if the designated slave isn’t available
• [#7547]: Fix “flicker” effect when uploading files via Easy Dashboard
• [#7534]: Fix an issue preventing admins from being able to kick (forcefully logout) users
• [#7531]: Fix file selection dialog in the old CargoLink wizard
• [#7527]: Fix a typo in /etc/logrotate.d/cargo introduced in Cargo 2.6.8
• [#7498]: Fix time input validation when setting the expiration time on a CargoLink
• [#7492]: Fix traffic report calculations, which were accidentally inflated by a factor of 1e6
• [#7488]: Fix wording when creating the email message for an upload CargoLink
• [#7476]: Fix downloads in CargoLink “preview” mode (by the owner of the CargoLink) getting counted as actual downloads
• [#7462]: Fix display of ‘unlimited’ number of downloads in new CargoLink wizard
• [#7279]: Fix the shell script cargo-replicator.sh to generate proper rubyrep.conf

• [#7471]: Fix an issue with files for expired CargoLinks (with auto-delete enabled) not getting pruned properly
• [#7470]: Fix an issue where downloading from a CargoLink pointing to a file within a subfolder might not work under certain circumstances
• [#7439]: Fix an issue introduced in Cargo 2.6.9 where unicorn might get restarted because of it’s memory consumption on a >8 CPU core system
• [#7433]: Switch rubyrep from file logging to syslog
• [#7429]: Open new CargoLink wizard with file selection abilities when clicking on a contact
• [#7428]: Implement a file selection drop-down / search list in the new CargoLink wizard
• [#7426]: Allow dropping a file from WebFM to a contact in order to open the new CargoLink dialog
• [#7422]: Allow users to choose between classic view and new easy dashboard in their account settings
• [#7417]: Fix an issue with nginx requiring an error log file even when configured to use syslog

• [#7411]: Update to the latest version of nginx mod_zip module
• [#7410]: Update to the latest version of headers-more-nginx-module
• [#7407]: Fix an issue with a package install script trying to chown legacy directory /opt/cargo/webapp/logs
• [#7395]: Fix provisioning of the log level setting, i.e. generation of /data/config/env
• [#7389]: Improved wording according to OSAG feedback, more consistent terminology, fixed some typos
• [#7387]: Fix a redirect loop in the new CAPTCHA mechanism
• [#7381]: Include WebFM up- and downloads in log export feature
• [#7375]: Fix an issue regarding the download of files with path names longer than 256 characters
• [#7370]: Fix an issue with the log export feature prematurely removing old logs
• [#7333]: Fix an issue where a download might be logged with a wrong (user provided) filename
• [#7257]: In the admin interface, allow sorting of users based on last login time
• [#7251]: Fix Cargo sign-in message for german users
• [#6940]: Configure Postgresql performance settings based on available memory

• [#7369]: Remove monit sshd and rsyslogd monitoring, these are already monitored by upstart
• [#7365]: Add proper memcache protocol check to monit memcached monitoring
• [#7362]: Switch all Cargo-related daemons (nginx, proftpd, postgresql) to syslog logging
• [#7320]: Fix an issue with sync-to-slave.sh not getting REMOTE_HOST properly set
• [#7309]: Fix an issue regarding custom filters in the Cargo API
• [#7305]: Restart Postgresql only after 3 consecutive failed connection attempts by monit
• [#7262]: Use rsyslog for handling all Cargo (shell / daemon / rails) messages
• [#7260]: Switch all Cargo Rails jobs to syslog
• [#7184]: Enforce CAPTCHA based on source IP instead of HTTP session

• [#7361]: Fix handling of LOG_LEVEL in case /data/config/env is missing
• [#7266]: Implement caching for CargoLink JSON manifests
• [#7264]: New folder action for maintaining (cached) CargoLink JSON manifests
• [#7261]: Ability to trigger Apple Push Notifications via API call
• [#7259]: Make all shell scripts send their output to syslog
• [#7187]: Set LOG_LEVEL environment variable for all Rails tasks
• [#7115]: Ability to exclude certain files from the CargoLink JSON manifest

• [#7178]: Reload rsyslog after provisioning in order to use the new hostname in the logfiles
• [#7158]: Fix potential issue regarding date ranges for traffic reports
• [#7130]: Add dependency on gsfonts package required for CAPTCHA
• [#7116]: Fix the LDAP user search function in Cargo admin interface
• [#7105]: FIx a ZIP download issue when nginx’ mod_zip feature cannot be used
• [#6823]: Make messages regarding a wrong PIN entry go to the proper log file

• [#7046]: Fix an issue regarding one-click creation of a new CargoLink Upload
• [#7034]: Fix setting of SMS sender when using Ecall gateway
• [#7032]: Fix bug ID 4201 in ProFTPD leaving behind temporary files of scp users hitting their quota
• [#7022]: Add the ability to set the Ruby log level via environment variable LOG_LEVEL
• [#7017]: Fix an issue regarding the display of traffic reports in the admin audit section

• [#7011]: Fix an issue regarding the display of currently banned IPs (fail2ban)
• [#7010]: Fix an issue with iptables not getting the proper rules for FTP under certain circumstances
• [#6939]: Fix an issue with folder-action-monitor / cargod logging during signal handling routine
• [#6938]: Fix an issue regarding the display of login reports in the admin audit section
• [#6937]: Fix an issue regarding nginx’ static error pages in conjunction with the new asset pipeline
• [#6932]: Fix an issue with ProFTPd / ClamAV communications
• [#6926]: Implement an interface to ecall.ch as a new SMS gateway
• [#6851]: Reload Cargo daemons without user service interruption upon reconfiguration
• [#6787]: Implement asset pipeline for all assets and removed unused CSS & JS
• [#6773]: Select from a (searchable) ordered list when adding a folder to a CargoLink

• [#6852]: Fix CargoLink URL display after creating a new CargoLink
• [#6822]: Support non-numerical characters in LDAP-provisioned mobile phone numbers
• [#6809]: Disable display of CargoLink upload preference field when enable_links_upload: false
• [#6717]: Fix an issue with authentication caching when a user’s DN changes in LDAP
• [#6705]: Fix a JS injection vulnerability in filemanager HTML preview
• [#6703]: Fix an XSS vulnerability in the PIN field
• [#6656]: Remove TLSCACertificateFile parameter from proftpd.conf
• [#6202]: Update all applications to use Ruby 2.1.5
• [#6156]: Update ProFTPD to version 1.3.5a, restrict FTPS to TLS v1.1 & v1.2

• [#6783]: Fix a DB migration issue regarding LDAP user templates
• [#6724]: Use Rails 3.2.22 for all Cargo applications
• [#6711]: Fix an issue regarding service management by delegated admins
• [#6575]: Fix CargoLink URL display after CargoLink creation

• [#6696]: Make services start/stop in the foreground instead of using monit
• [#6689]: Fix an issue regarding enabling/disabling of external authentication
• [#6677]: Improve the generation of unique home directories based on the login name from any authentication source
• [#6629]: Relax the login character constraints to prevent issues with external authentication and sanitize the home directory we create from it
• [#6613]: Fix an issue regarding external authentication where the first login always fails

• [#6511]: Multiple network interface support in node.conf
• [#6325]: Update mounter/preflight gems to match the webapp
• [#6271]: Do not perform reverse DNS lookups on SSH connections
• [#6267]: Fix permissions on directory /var/log/cargo
• [#6266]: Fix an issue regarding the display of banned hosts
• [#6248]: Fix an issue with reconfigure.rb not getting properly deployed

• [#6721]: Update to OpenSSL-1.0.1o
• [#6540]: Fix an issue in the web admin interface where fetching the latest login for a user was using a very slow SQL query

• [#6657]: Fix an issue where file checksums are not being computed in the background when using the CargoLink API
• [#6654]: Fix an issue where missing locales from the AD triggers errors when sending emails
• [#6593]: Fix an issue where the postgres database startup was too late when cargo starts with /etc/init.d/cargo

• [#6628]: Fix an issue regarding authentication of AD users with special characters in their names
• [#6619]: Fix an issue regarding the location of iptables saved rulesets
• [#6618]: Fix an issue regarding reconfiguration of the hostname
• [#6614]: Fix an issue regarding the logfile locations during debian package installation
• [#6612]: Fix an issue regarding the display of the IP in the preflight app upon initial startup
• [#6477]: Fix an issue with include files in proftpd.conf
• [#6273]: Change the DB location to /data/database
• [#6272]: Fix order of monit and cargo services startup

This version focussed on issues with the installation and configuration.

• [#6495]: Fixed an issue with the locale when generating contacts from CargoLinks
• [#6497]: Fixed an issue when displaying a contact without a name
• [#6512]: Fixed an issue with displaying a large directory structure for a CargoLink
• [#6272]: Fixed an issue when computing the service status
• [#6477]: Fixed an issue when generating the proftpd configuration
• [#6612]: Fixed an issue when detecting the IP address for the console prompt
• [#6614]: Fixed an issue with the log directory creation upon installation
• [#6628]: Fixed an issue with special characters in the login when using AD integration
• [#6593]: Fixed a startup timing issue with the postgresql database
• [#6652]: Implemented the generation of a DH params file upon initial installation
• [#6653]: Fixed an issue with the /data directory layout for initial installations
• [#6654]: Fixed an issue where missing locales from the AD triggered errors when sending emails
• [#6657]: Fixed an issue where file checksums are not being computed in the background when using the CargoLink API

This version focussed on improving the CargoLink recipient view with large directories.

• [#6220]: Implemented a feature to throttle API access mitigating denial of service attacks
• [#6221]: Improved the recipient view of a CargoLink
• [#6246]: Improved the checks to prevent directory traversals when requesting a CargoLink download
• [#6265]: Improved the PIN entry field for CargoLinks on small devices
• [#6287]: Implemented a feature to redirect to an existing CargoLink in the file manager if the CargoLink icon is clicked
• [#6290]: Improved the exception handling when watching user data for changes in the file system
• [#6337]: Improved the share mounting performance
• [#6381]: Implemented a feature to allow for customised CargoLink background for tenants
• [#6442]: Improved the session statistics calculation for performance
• [#6452]: Improved the disk usage calculation via queued background job
• [#6482]: Updated to openssl 1.0.1m for security improvements
• [#6484]: Fixed an issue when checking the expiration date of a CargoLink

This version focussed on performance and security updates.

• [#4197]: Implemented a feature to allow for downloading multiple files as ZIP archive in the file manager
• [#4480]: Improved the automatic database optimisation for the quota table
• [#4675]: Improved the initial configuration of the system
• [#5849]: Improved the cleanup of share targets when the share expires
• [#5950]: Improved the performance of statistical views for the administrator to cope with heavy load and session count
• [#5953]: Implemented a feature to allow for automatic contact management
• [#5960]: Improved the audit log generation when changing user settings (like the timezone and the locale)
• [#6012]: Fixed an issue with the IP address in the CargoLink download notification email
• [#6052]: Fixed an issue where the error counter of a session was not increased when the authentication failed
• [#6076]: Improved the performance for showing the downloads in the CargoLink detail view
• [#6080]: Improved the default SMS gateway API client
• [#6126]: Implemented a feature to provide SNMP data from proftpd
• [#6157]: Improved the login attribute validation
• [#6163]: Improved the user display across administrative views for consistency
• [#6164]: Improved the home directory validation when renaming a user
• [#6166]: Fixed an issue with the LDAP/AD based locale setting for new users
• [#6169]: Implemented a feature to allow for custom attributes when sending upload/download notifications
• [#6170]: Implemented a feature to allow for email based authentication when using SFTP/FTPS
• [#6174]: Updated to rails 3.2.21 for security improvements
• [#6180]: Improved the quicklinks menu and the general visual appearence
• [#6185]: Implemented a feature to configure the log archive mode
• [#6189]: Improved the CargoLink creation for anonymous recipients to allow for easier copy&paste
• [#6190]: Fixed an issue with triggers being fired while the database replication is running
• [#6192]: Fixed an issue where selecting and downloading multiple files from the file manager did no work
• [#6193]: Fixed an issue when double-clicking a object in the file manager
• [#6194]: Improved the validation when renaming a file in the file manager
• [#6195]: Improved the handling of internally versus externally authenticated users
• [#6196]: Updated to openssl 1.0.1k for security improvements

This version focussed on the disk encryption management.

• [#1486]: Implemented a feature to allow for encryption management via Web-UI
• [#4513]: Implemented a feature to allow for TLS1.1/TLS1.2 with FTPS, updated openssl to 1.0.1j
• [#5801]: Improved the thread handling of cargod upon startup
• [#5840]: Improved the handling of global data retention policy with CargoLink expiration settings
• [#5841]: Implemented a feature to allow for sorting in the file manager
• [#5959]: Fixed an issue where delegated administrators could not change their password
• [#6074]: Fixed a potential issue when downloading a large number of files within a ZIP archive

This version focussed on performance improvements security improvements.

• [#2122]: Implemented a feature to allow for user specific auto-deletion of data
• [#3584]: Improved the handling of large directory structures in the file manager
• [#3794]: Implemented a feature to integrate the address book into the user selection for shares
• [#3889]: Implemented a feature to mark shared items with CargoLink in the file manager
• [#4208]: Implemented a feature to report daily logins
• [#4276]: Implemented a feature to adhere to SPF when sending invitation email messages
• [#5527]: Implemented a feature to show pending invitations for shares
• [#5581]: Implemented a feature to search for objects in the CargoLink recipients view
• [#5592]: Implemented a feature to allow for easier CargoLink expiration date setting
• [#5602]: Improved the user deletion by performing the cleanup in a background job
• [#5614]: Implemented a feature to enable/disable menu entries
• [#5622]: Improved the share verification upon login by running it in the background
• [#5626]: Updated to openssl 1.0.1i for security improvements
• [#5752]: Implemented a feature for new users to inherit the administrator of the user inviting them
• [#5757]: Improved the CargoLink download notification email
• [#5761]: Implemented referrer header suppression for external links

This version focussed on CargoLink enhancements and security improvements.

• [#2115]: Added a feature to configure the user’s timezone affecting the display of timestamp values
• [#3793]: Added a fature to allow for CargoLink default settings per user
• [#3940]: Improved the security of user invitations (for shares and memberships) by using a invitation token
• [#4315]: Improved the handling of file permission issues in the data store
• [#5078]: Improved the detection and mitigation of brute force attacks against a user account
• [#5138]: Improved the detection and mitigation of brute force attacks against a CargoLink PIN
• [#5302]: Updated to openssl 1.0.1h for security improvements
• [#5307]: Improved the logging of the data archiving background job
• [#5363]: Improved the database connectivity for the background job worker
• [#5370]: Improved the handling of missing files in the background job worker
• [#5391]: Improved the database replication monitoring
• [#5398]: Added a feature to enforce a minimum PIN length (if the PIN is set)
• [#5400]: Improved the user attribute validation
• [#5407]: Improved a validation when changing the PIN of a CargoLink
• [#5419]: Updated to rails 3.2.19 for security improvements
• [#5448]: Fixed an issue with the application configuration when updating a cluster installation
• [#5487]: Updated to proftpd 1.3.4.e for bug fixes and security improvements
• [#5515]: Improved the email message when sending CargoLink invitations
• [#5522]: Added a feature to allow for proxy authentication via CargoLink
• [#5528]: Added a feature to allow for CargoLink default notification settings

This version focussed on database performance and minor features.

• [#5128]: Improved the DB performance for session and transfer views
• [#5169]: Added a feature to allow for creating a CargoLink for upload with a quicklink
• [#5170]: Added a feature to allow for disabling/enabling a CargoLink
• [#5175]: Added a feature to provide a key/value store based on JSON for CargoLinks
• [#5181]: Added a feature to allow for setting the enable_upload flag in the CargoLink API

This version focussed on bug fixes and improvements with external authentication sources.

• [#5098]: Improved the Content-Security-Policy header
• [#5101]: Improved the CargoLink management by switching to the “/cargolinks” prefix
• [#5102]: Added a feature to allow for configuring the preferred locale of a contact
• [#5103]: Fixed an issue where the super administrator could not change his password
• [#5106]: Fixed an issue where the local authentication redirected to a SSO Login on failure
• [#5108]: Fixed an issue with email address validation in the configuration file
• [#5117]: Added a feature to enable/disable external authentication sources
• [#5137]: Fixed an issue where shared contacts may not be considered for autocompletion in the CargoLink wizard
• [#5139]: Improved the PIN input field for CargoLinks
• [#5144]: Added a feature to use the preferredLanguage attribute in the SAML response

This version focussed on SSO (single sign on) and security updates.

• [#1630]: Added a feature to send CargoLink PINs on demand
• [#4690]: Improved the SNMP agent by adding a system status information
• [#4919]: Improved the database replication monitor
• [#4920]: Added a feature to allow for custom data stored with a CargoLink
• [#4925]: Added a feature to detect and mitigate brute force attacks on CargoLinks
• [#4926]: Added a feature to allow CargoLinks of type “directory” via the API
• [#4927]: Added a feature to provide a manifest in JSON format for a CargoLink via the API
• [#4928]: Added a feature to allow SAML based SSO authentication/authorisation
• [#4938]: Fixed an issue where the log archiving failed to start
• [#4940]: Improved the archiving of old log and session data
• [#4964]: Improved the SMS status checks by using asynchronous scheduling
• [#4965]: Fixed an issue where the antivirus report tried to process a missing file
• [#4973]: Updated to rails 3.2.17 for security improvements
• [#4991]: Improved the display of confidential messages
• [#5019]: Improved the CargoLink manifest cache
• [#5027]: Updated openssl to version 1.0.1g for security improvements
• [#5031]: Fixed an issue where notifications for file uploads in a CargoLink have not been sent
• [#5045]: Improved user input handling to prevent stored XSS vulnerabilities
• [#5047]: Improved error messages to prevent reflected XSS vulnerabilities
• [#5056]: Improved the failed login detection and IP blocking rules
• [#5057]: Improved the SW version display to prevent information leakage
• [#5058]: Improved the error messages sent by the webserver
• [#5060]: Improved the SFTP cipher selection
• [#5074]: Added a feature to enforce authentication even for CargoLink access
• [#5077]: Improved the SSL cipher and protocol selection for HTTPS, added the X-Content-Security-Policy header

This version focussed on improvements for backup/restore and external authentication sources

• [#4604]: Improved the interface with the f-prot scanning engine
• [#4605]: Improved the restore of encrypted backups
• [#4606]: Improved the application server timing configuration
• [#4676]: Improved the email quota report layout
• [#4685]: Fixed an issue for new users missing a authentication source configuration
• [#4686]: Added a feature to verify the email with external authentication sources when signing up is enabled
• [#4701]: Improved the restore of database objects from backups
• [#4747]: Improved the handling of internal/external authentication

This version focussed on improvements for default settings and disk space monitoring

• [#4514]: Implemented a feature to deny uploads when low disk space conditions occur
• [#4545]: Improved the support for PostgreSQL 9.3
• [#4547]: Implemented a feature to search users in external authentication sources
• [#4548]: Updated to Rails 3.2.16 for security improvements
• [#4552]: Improved the application logging by storing all logs in /var/log/cargo
• [#4558]: Fixed an issue where the bind password for external authentication sources was lost on editing the object
• [#4562]: Implemented a feature to configure defaults for new CargoLinks
• [#4563]: Implemented a feature to configure defaults for new Shares

This version focussed on bug fixes and improvements

• [#2953]: Added a link to show system information and services status details
• [#4206]: Improved the user session list by allowing for date based filtering and number of transfers
• [#4319]: Fixed an issue when creating a new account and starting the password reset workflow without confirming the account beforehand
• [#4330]: Fixed a warning when calling dpkg via sudo
• [#4334]: Fixed multiple issues with special characters in share path names
• [#4348]: Updated to Rails 3.2.15 for security and performance improvements
• [#4352]: Fixed an issue where a folder rename triggered an exception when reconfiguring attached shares
• [#4353]: Fixed an issue with automated actions on user account creation (case sensitive email comparison)
• [#4361]: Improved the user management by separating confirmed and unconfirmed users
• [#4419]: Fixed an issue where a new user could not be locked and promoted as administrator
• [#4439]: Improved the performance of interacting with the proftpd daemon
• [#4440]: Fixed an issue where shares are not shown for delegated administrators
• [#4441]: Fixed an issue with automated actions after signing in when the user has no email address
• [#4445]: Implemented a feature to allow for trusted additional network interfaces (multi-homed hosts)
• [#4448]: Fixed an issue where directories did count for a total CargoLink payload size
• [#4455]: Implemented a feature to allow for reactivating expired CargoLinks
• [#4474]: Implemented a feature to search AD group membership using a extensible match for nested groups
• [#4497]: Improved the email address validation

This version focussed on bug fixes and improvement of the shares

• [#2949]: Improved the contact search performance
• [#3895]: Improved a tool tip when trying to delete a user
• [#3903]: Improved the sending of Apple push notifications by using a background queue
• [#3935]: Improved the checks when deleting directories to prevent errors with shares
• [#4105]: Improved the replication check while archiving old transfer data
• [#4110]: Improved the events display by adding a database optimisation
• [#4126]: Fixed an issue when sending attachments in standard mail messages
• [#4157]: Improved the manifest generation by optimising a database query
• [#4173]: Fixed a segfault when using SCP connections
• [#4175]: Fixed an issue with ZIP-archives for CargoLinks when using “+” in file names
• [#4179]: Improved the SFTP/FTP session performance by optimising a database interaction
• [#4192]: Improved the local monitoring of the failover process
• [#4200]: Improved the delegated administrator’s view by adding the status information (lower left corner)
• [#4201]: Upgraded the application server unicorn to 4.6.3
• [#4204]: Fixed a log export issue (empty files)
• [#4207]: Improved a form control to set the CargoLink expiration date
• [#4224]: Improved the SMS delivery check at the provider
• [#4225]: Added a feature to allow for configuring the administrator assigned to new users (when signing up)
• [#4279]: Fixed an issue with share double mounting by comparing wrong path elements
• [#4284]: Improved the share path validation to prevent duplicate identical shares
• [#4286]: Improved the share path validation to be more strict with special characters
• [#4287]: Fixed a mount/unmount issue for shares when using whitespace in the name
• [#4314]: Added a feature to allow for configuring global CargoLink defaults

This version focussed on external authentication sources

• Added a Active Directory / LDAP integration for external authentication
• Added a background job queue to allow for asynchronous processing
• Added a bulk transfer mode when synchronising with a CargoLink
• Improved the search form for contacts and users
• Improved the autocompletion for CargoLink recipients
• Upgraded to bootstrap version 2.3 (HTML/CSS framework)
• Fixed a redirect when editing unconfirmed contacts
• Fixed a inotify file descriptor leak when mounting/unmounting shares

This version focussed on bug fixes and improvements

• Fixed an issue when selecting users to share folders
• Added a new feature to create ZIP-archives on the fly and support streaming
• Improved the fail2ban internal configuration

This version focussed on bug fixes and improvements

• Added a new replication monitoring feature
• Added a feature to create CargoLinks via the API with unlimited expiration date
• Upgraded to proftpd 1.3.4d for security and performance improvements
• Improved the archiving of logdata to better cooperate with the replication
• Improved the display of recipients for CargoLinks in the detail view
• Improved the user list when configuring a share
• Improved the email greetings
• Improved the caching of checksum data for CargoLink manifests
• Improved the handling of existing users being invited to a share by email
• Improved the cleanup of temporary ZIP-files
• Fixed a issue when creating a share for a custom path as administrator
• Fixed a issue when generating email recipient addresses
• Fixed a issue with the writable setting for a share when inviting a new user
• Fixed a issue when creating and editing a share and inviting external users

This version focussed on bug fixes and improvements

• Added a content scanning features with support for antivirus (clamav, f-prot)
• Added a feature to share contacts within a organisation
• Added a feature to edit the PIN for a CargoLink
• Upgraded to OpenSSL 1.0.1e for security improvements
• Upgraded to proftpd 1.3.4c for security and performance improvements
• Improved the file size check when upload to a favorite
• Fixed a issue when creating a CargoLink for a empty folder
• Fixed a issue when creating a ZIP-file when downloading from a CargoLink
• Fixed a issue when the session timeout is hit while uploading large files
• Fixed a issue when adding a user to a organisation

This version focussed on bug fixes and improvements

• Added a feature to add/remove recipients from CargoLinks
• Improved the CargoLink manifest cache (cache warmup)
• Improved email headers when sending notifications (precedence, auto-submitted)
• Improved the user data synchronisation when using shares
• Improved the data migration tools from sqlite3 to PostgreSQL
• Upgraded to Ruby on Rails 3.2.12 for security and performance improvements
• Fixed a issue where custom email attachments could not be found

This version focussed on performance improvements by introducing the PostgreSQL database system

• Added support for PostgreSQL as as database backend which will be the default for new installations
• Added a realtime database replication solution for PostgreSQL
• Added a feature to allow the recipient to upload files to a CargoLink
• Improved the CargoLink directory view
• Improved the caching using memcached
• Improved I18n when sending email
• Improved strict UTF-8 encoding of all file and directory names
• Upgraded to Ruby on Rails 3.2.11 for security and performance improvements
• Fixed a issue with the custom path when editing a share
• Fixed a cache key issue affecting the quicklinks above the menu
• Fixed a javascript issue with the calendar control on IE8
• Fixed a issue when searching users in the administration view
• Fixed a encoding issue when importing contacts

This version focussed on notifications and security fixes

• Added a feature to re-invite users (tenants mode)
• Added support for push notifications (see separate documentation)
• Improved the detection of new files in the folder action monitor
• Improved the generation of session tokens
• Improved logging for the folder actions
• Fixed a upstream Ruby on Rails security issue while parsing parameters

This version focussed on bug fixes and improvements

• Added the feature to disable Apple touch icons in the layout
• Added the feature to allow for sharing a empty folder via CargoLink (ie. for upload only)
• Improved the handling of requests via javascript in the administrator’s dashboard
• Improved the mime-type configuration for downloading video files
• Fixed the javascript code for creating a CargoLink for IE8
• Fixed the handling of filenames with special characters (ie. umlauts) in the file manager

The 2.0 Release is a major milestone in the Cargo product line and provides a large set of new features based on the rock solid Cargo core infrastructure.

• Redesigned web interface using modern HTML5 features
• Support for Drag&Drop when creating CargoLinks from your desktop
• Support for contact and recipient list management
• Support for CargoLinks with multiple recipients
• Allows CargoLinks recipients to upload files
• Provides a REST-ful API available via HTTPS, secured by access tokens or a HMAC-based scheme
• Upgraded to Ruby on Rails 3.2.8 for security and performance improvements
• Switched to nginx for SSL performance and caching improvements
• Switched to unicorn as application server for performance improvements
• Improved large file uploads (> 1 GB) via the web interface Consult the User Guide and the API Guide for more details about the new features.

This version focussed on bug fixes and improvements

• Added a feature to enable/disable CargoLink download notifications
• Improved the download log display for CargoLinks
• Improved the handling of internal exceptions
• Improved the download of large documents
• Fixed the HTTP cache settings for IE8
• Fixed the handling of the configured SSL certificate in node.conf when upgrading

This version focussed on bug fixes and improvements

• Added a download button to the file manager
• Upgraded the SSL library to support TLS1.1 and TLS 1.2 directly in the webserver
• Improved the SSL compression and keepalive timeout settings
• Fixed the quota report job
• Fixed the password enforcement when editing a user as administrator
• Fixed the handling of temporary files when uploading data

This version focussed on the folder actions feature

• Improved performance and stability of folder actions
• Introduced the first general folder action “Create CargoLink”
• New CargoLink list layout
• Upgraded to Ruby on Rails 3.0.14 (Four important security fixes)
• Improved log archive handling

This version focussed on the folder actions feature

• Initial release of the folder actions feature

This version focussed on bug fixes and improvements

• Switched to external image reference in the documentation to support Internet Explorer 8
• Support for Internet Explorer 8 sending a format parameter of ‘*/*’ when accessing the site from a external link
• Support for exclusive locking when mounting/unmouting shares to mitigate an issue with fast master/slave switching
• Improved the database synchronisation between the nodes (to prevent locking issues)
• Fixed a bug with the “pull dry” option of sync-to-slave.sh where the local database is truncated

This version focussed on bug fixes and improvements

• Support for explicit UTF8 encoding with FTP
• Support for getting the sychnronisation status via SNMP
• Improved error notifications by email
• Fixed the admin-flag handling when creating a new user
• Fixed the control socket issue with proftpd (upstream bug number 3756) with a custom patch
• Fixed a synchronisation issue when automatically exporting logs

This version focussed on performance and monitoring

• Support for SNMP monitoring, including custom service data
• Performance improvements for the administration dashboard
• Performance improvements for the user management
• Updated local database indexes
• AutoDelete feature for CargoLinks and files
• Upgrade to Ruby on Rails 3.0.11 due to a possible XSS security issue
• Allow for certain environment variables to be accepted for SFTP clients (LC_MESSAGES)
• Improved log rotation in ‘/var/log/cargo’
• Improved service monitoring on the current master node
• Fixed the audit-view for delegated administrators
• Fixed a issue for the audit log generation when deleting a file via WebFM
• Fixed a issue when displaying quota warnings

This version focussed on the CargoLink API

• Initial support for the creation of CargoLinks in bulk
• CargoLink API

This version focussed on enhanced administration features.

• Delegated administration
• Restricted super administration access
• Enhanced quota computing
• Reverse proxy support

This version focussed on the Shares feature

• Shares allow for shared folders between users and integrate with all services supported
• Export transfer logs in xfer format automatically
• Allow for case-insensitive login on authentication
• New script to change the shared IP on a cluster

This version focussed on the CargoLink feature and security

• CargoLinks can transport confidential messages
• CargoLinks can share directories
• Improved user dashboard with quicklinks, favourites and drag&drop support for CargoLink creation
• Upgrade to Ruby on Rails 3.0.10 due to minor security issues

This version focussed on the CargoLink feature.

• Initial CargoLink implementation to share files
• SMS Authentication
• Increase HTTPS security by using HSTS, session protection, CSRF protection

This version focussed on the OTP authentication and clustering.

• OTP Support according to RFC-4226
• Failover-Cluster with VRRP

This version focussed on the SFTP service

• SFTP support
• key-based authentication support

This version focussed on the web-based file manager

• Integration of the web-based file manager