Security Advisory for SFTPPlus 3.41.1

Wed 21 November 2018 | security compliance

We have released SFTPPlus version 3.41.1 which fixes the following security defects:

The files downloaded using the HTTP file transfer service now have explicit headers to disable caching.
The HTTP service no longer returns user input as part of the error messages.

An upgrade is recommended for any customer using SFTPPlus as an HTTP/HTTP server.

You can check the full release notes here.

Security advisories newsletter

The security advisories newsletter is available to our customers as a convenient method for receiving information about security updates and best practices.

You can view the security advisories archive here (articles are made public 3 months after their initial internal release).