security update for filezilla.openSUS...
This update was submitted from Tomáš Chvátal (scarabeus_iv) and rated as moderate
FileZilla was updated to version 3.7.3 to add various features, fix bugs and also security issues in the embedded putty ssh client. Full changelog: https://filezilla-project.org/changelog.php - Noteworthy changes: * Apply a fix for a security vulnerability in PuTTY as used in FileZilla to handle SFTP. See CVE-2013-4852 for reference. * Merge further fixes from PuTTY to address CVE-2013-4206, CVE-2013-4207, CVE-2013-4208 - Version bump to 18.104.22.168 - Fix issues with bundled gnutls - Update translations - Update to version 3.7.0. Changes since 22.214.171.124: - Show total transfer speed as tooltip over the transfer indicators - List supported protocols in tooltip of host field in quickconnect bar - Use TLS instead of the deprecated term SSL - Reworded text when saving of passwords is disabled, do not refer to kiosk mode - Improved usability of Update page in settings dialog - Improve SFTP performance - When navigating to the parent directory, highlight the former child - When editing files, use high priority for the transfers - Add label to size conditions in filter conditions dialog indicating that the unit is bytes - Ignore drag&drop operations where source and target are identical and clarify the wording in some drop error cases - Trim whitespace from the entered port numbers - Slightly darker color of inactive tabs - Ignore .. item in the file list context menus if multiple items are selected - Display TLS version and key exchange algorithm in certificate and encryption details dialog for FTP over TLS connections. - Fix handling of remote paths containing double-quotes - Fix crash when opening local directories in Explorer if the name contained characters not representable in the locale's narrow-width character set. - Fix a memory leak in the host key verification dialog for SFTP - Fix drag-scrolling in file lists with very low height - Don't attempt writing XML files upon loading them - Improve handling of legacy DDE file associations - Fix handling of HTTPS in the auto updater in case a mirror redirects to HTTPS - Update to version 126.96.36.199. Changes since 3.5.3: - 188.8.131.52 (2012-11-29) * Fix problems with stalling FTP over TLS uploads * MSW: Minor performance increase listing local files - 184.108.40.206 (2012-11-18) * Fix problems with TLS cipher selection, including a bugfix for GnuTLS * Fix a crash on shutdown * Add log message for servers not using UTF-8 * Small performance and memory optimizations getting file types * Improve formatting of transfer speeds - 3.6.0 (2012-11-10) * Fix a crash introduced since 3.5.3 * IPv6-only hosts should no longer cause a crash in the network configuration wizard
- Relogin suggested:
- Reboot suggested:
- Package-manager restart: