This release fixes the Log4J CVE by embedding the 2.17.0 version.
| Description | Download Link | SHA1 hashes | PGP Signature file of download |
|---|---|---|---|
| zip distribution | apache-ftpserver-1.1.2-bin.zip | SHA1 | ASC |
| tar.gz distribution | apache-ftpserver-1.1.2-bin.tar.gz | SHA1 | ASC |
| tar.bz2 distribution | apache-ftpserver-1.1.2-bin.tar.bz2 | SHA1 | ASC |
It is essential that you verify the integrity of the downloaded files using the PGP signatures. The PGP signatures can be verified using PGP or GPG. Begin by following these steps:
Download the KEYS
Download the asc signature file for the relevant distribution
Verify the signatures using the following commands, depending on your use of PGP or GPG:
$ pgpk -a KEYS $ pgpv apache-ftpserver-1.1.2-bin.tar.gz.asc
or
$ pgp -ka KEYS $ pgp apache-ftpserver-1.1.2-bin.tar.gz.asc apache-ftpserver-1.1.2-bin.tar.gz
or
$ gpg --import KEYS $ gpg --verify apache-ftpserver-1.1.2-bin.tar.gz.asc apache-ftpserver-1.1.2-bin.tar.gz
To use this release in your maven project, the proper dependency configuration that you should use in your Maven POM is:
<dependency> <groupId>org.apache.ftpserver</groupId> <artifactId>ftpserver-core</artifactId> <version>1.1.2</version> </dependency>
| Description | Download Link | SHA1 hashes | PGP Signature file of download |
|---|---|---|---|
| zip sources | apache-ftpserver-1.1.2-src.zip | SHA1 | ASC |
| tar.gz sources | apache-ftpserver-1.1.2-src.tar.gz | SHA1 | ASC |
| tar.bz2 sources | apache-ftpserver-1.1.2-src.tar.bz2 | SHA1 | ASC |
$ git clone https://gitbox.apache.org/repos/asf/mina-ftpserver.git $ git checkout ftpserver-parent-1.1.2
You are now on 1.1.2 branch.