LogoopenSUSE Build Service > Projects
Sign Up | Log In

security update for filezilla.openSUS...

filezilla: 3.7.3 version and security bugfix update
This update was submitted from Tomáš Chvátal Tomáš Chvátal (scarabeus_iv) and rated as moderate
Description:
FileZilla was updated to version 3.7.3 to add various features, fix
bugs and also security issues in the embedded putty ssh client.

Full changelog: https://filezilla-project.org/changelog.php
  - Noteworthy changes:
    * Apply a fix for a security vulnerability in PuTTY as used in FileZilla to handle SFTP. See CVE-2013-4852 for reference.
    * Merge further fixes from PuTTY to address CVE-2013-4206, CVE-2013-4207, CVE-2013-4208

- Version bump to 3.7.0.1
  - Fix issues with bundled gnutls
  - Update translations

- Update to version 3.7.0. Changes since 3.6.0.2:
  - Show total transfer speed as tooltip over the transfer indicators
  - List supported protocols in tooltip of host field in quickconnect bar
  - Use TLS instead of the deprecated term SSL
  - Reworded text when saving of passwords is disabled, do not refer to kiosk mode
  - Improved usability of Update page in settings dialog
  - Improve SFTP performance
  - When navigating to the parent directory, highlight the former child
  - When editing files, use high priority for the transfers
  - Add label to size conditions in filter conditions dialog indicating that the unit is bytes
  - Ignore drag&drop operations where source and target are identical and clarify the wording in some drop error cases
  - Trim whitespace from the entered port numbers
  - Slightly darker color of inactive tabs
  - Ignore .. item in the file list context menus if multiple items are selected
  - Display TLS version and key exchange algorithm in certificate and encryption details dialog for FTP over TLS connections.
  - Fix handling of remote paths containing double-quotes
  - Fix crash when opening local directories in Explorer if the name contained characters not representable in the locale's narrow-width character set.
  - Fix a memory leak in the host key verification dialog for SFTP
  - Fix drag-scrolling in file lists with very low height
  - Don't attempt writing XML files upon loading them
  - Improve handling of legacy DDE file associations
  - Fix handling of HTTPS in the auto updater in case a mirror redirects to HTTPS

- Update to version 3.6.0.2. Changes since 3.5.3:
  - 3.6.0.2 (2012-11-29)
    * Fix problems with stalling FTP over TLS uploads
    * MSW: Minor performance increase listing local files
  - 3.6.0.1 (2012-11-18)
    * Fix problems with TLS cipher selection, including a bugfix
      for GnuTLS
    * Fix a crash on shutdown
    * Add log message for servers not using UTF-8
    * Small performance and memory optimizations getting file
      types
    * Improve formatting of transfer speeds
  - 3.6.0 (2012-11-10)
    * Fix a crash introduced since 3.5.3
    * IPv6-only hosts should no longer cause a crash in the
      network configuration wizard
Fixed bugs:
Required actions:
  • Relogin suggested:
  • Reboot suggested:
  • Package-manager restart: