This release is primarily a bug fix release. Upload Performance During performance testing, we discovered that the default configuration of the SFTP server created a bottleneck in upload performance. Several configuration changes could quickly mitigate the problem, such as changing the SFTP block size on the client or enabling TCP_NODELAY on the server. However, the […]
Maverick Legacy Client 1.7.42
This release is primarily a bug fix release. Azure SFTP compatibility A compatibility issue exists in previous versions with the Azure SFTP service. The remote server terminates the connection if you connect to the service with a hyphen in the Software/Version/Comments field of the SSH identification string. The identification string is now further sanitised before […]
Maverick Legacy Server 1.7.42
This release contains a critical security update after the introduction of Proxy Protocol in the previous 1.7.41 release. If you are using 1.7.41 in production, we strongly recommend upgrading to this new version as soon as possible. […]
Maverick Synergy Java SSH API 3.0.8
This Maverick Synergy Java SSH API release contains a critical security update for server users using 3.0.7, client-side proxy support, refactored ed25519 implementation, and minor bug fixes. This update is a Hotfix Branch release and is currently only available to our commercial Hotfix product subscribers. Jadaptive will push these fixes to the open-source version at […]
Maverick Synergy Java SSH API 3.0.7
This release of the Maverick Synergy Java SSH API contains several improvements and bug fixes as we continue to test the possibilities of the API. This update is a Hotfix Branch release and is currently only available to our commercial Hotfix product subscribers. Jadaptive will push these fixes to the open-source version at a future […]
Log4J and Log4Shell in Java SSH Clients and Servers
The major flaw found in Log4J, a Java logging API, has had a lot of focus this week, and security experts and IT teams have been scrambling to ensure their web servers are not vulnerable. Amid all this craziness, we should not forget that Enterprise Java Software is not limited to the world of HTTP […]
A Java Application to demonstrate Log4Shell
I put together this simple application to demonstrate the Log4Shell vulnerability to my colleagues. To exploit the vulnerability, we need an exploit string and a Java Main class that logs that string using Log4J. First, we need to set up the application. The easiest way to do this is through Maven to set up the […]
Log4Shell and the Maverick Java SSH APIs
Log4Shell CVE-2021-44228 describes a remote code execution vulnerability in Log4J 2. We can confirm that our Maverick Java SSH APIs do not depend on Log4J 2, and we do not distribute the affected versions with our APIs as a third-party dependency. However, it is still possible to use these versions with our library through the […]
Maverick Legacy Server 1.7.34
JADAPTIVE Limited is pleased to announce the release of Maverick Legacy Server 1.7.34. Builds are now available for download from your account. Thank you to all customers that have helped by reporting issues and confirming fixes.This release is primarily a bug fix release; however, please pay particular attention to the change in dependency support for […]
Maverick Legacy Client 1.7.34
JADAPTIVE Limited is pleased to announce the release of Maverick Legacy Client 1.7.34. Builds are now available for download from your account. Thank you to all customers that have helped by reporting issues and confirming fixes.This release is primarily a bug fix release; however, please pay particular attention to the change in dependency support for […]