SFTPPlus version 4.35.0 now able to enforce TLS session reuse for FTPS data connections.

SFTPPlus is not vulnerable to the recent SSH / SFTP Terrapin attack.

A security advisory was created for SFTPPlus version 4.28.0 affecting customers using the AS2 protocol to receive files without HTTP authentication.

SFTPPlus is not using the OpenSSL 3.0.x libraries yet and is not affected by security vulnerabilities specific to these versions.

A security advisory was created for SFTPPlus version 4.23.0 affecting cross-site scripting (XSS) protection for the administration console.

We are announcing the latest release of SFTPPlus, version 4.23.0 with improved Azure AD authentication, installers on Linux and macOS, and added XSS protection on Activity log page.

We are announcing the latest release of SFTPPlus, version 4.22.0 with support for Azure AD, updated UI and a security change in the way source IP are allowed.