Overview

Introduction

Welcome to the homepage of FileZilla, the free FTP solution. Both a client and a server are available. FileZilla is open source software distributed under the terms of the GNU General Public License

Support is available through our forums, the wiki and the bug and feature request trackers.

In addition, you will find documentation on how to compile FileZilla and nightly builds for multiple platforms in the development section.

Quick download links

Pick the client if you want to transfer files. Get the server if you want to make files available for others.

News Atom feed icon

2008-12-02 - FileZilla Client 3.1.6 released

New features:

  • Automatically refresh remote directory listing if queue finishes successfully

Bugfixes and minor changes:

  • Speed up refresh of remote directory listing if adding files during uploads
  • Connections no longer time out waiting on a directory listing getting retrieved by a different connection
  • Number of files were not updated if deleting remote files
  • MSW: Update manifest so that the evil filesystem virtualization stays disabled under Vista

2008-11-26 - FileZilla Client 3.1.6-rc1 released

New features:

  • Configurable location of message log pane
  • Context menu inside site manager to export individual sites or site subtrees

Bugfixes and minor changes:

  • Several fixes for users with Turkish locale
  • Fix race condition causing not all subdirectories to be added to queue on upload
  • Cleanup of pane splitter code to facilitate configurable message log position
  • Cleanup of path and directory listing caches to be less convoluted

2008-11-15 - FileZilla Client 3.1.5.1 released

Bugfixes and minor changes:

  • Connection establishment through SOCKS proxies could fail in some cases
  • Clearing private data no longer crashes if quickconnect bar is hidden
  • Handle drag & drop of symlinks
  • Update remote directory tree if deleting a subdirectory
  • Fix parsing of HTTP chunk lengths for the update downloader
  • Reduce memory consumption of remote directory tree
  • Rewrite the code that added local directories to the queue. New one is faster and avoids some potentially thread-unsafe behaviour of the old code
  • OS X: Fix help menu duplication on non-English systems
  • MSW: Reset wxWidgets internal display cache if changing display resolution or layout
  • MSW: Fixes for silent intaller

2008-07-24 - Security Advisory

FileZilla 3.1.0.1 fixes a vulnerability regarding the way some errors are handled on SSL/TLS secured data transfers.

If the data connection of a transfer gets closed, FileZilla did not check if the server performed an orderly TLS shutdown.

Impact

An attacker could send spoofed FIN packets to the client. Even though GnuTLS detects this with GNUTLS_E_UNEXPECTED_PACKET_LENGTH, FileZilla did not record a transfer failure in all cases.

Unfortunately not all servers perform an orderly SSL/TLS shutdown. Since this cannot be distinguished from an attack, FileZilla will not be able to download listings or files from such servers.

Affected versions

All versions prior to 3.1.0.1 are affected. This vulnerability has been fixed in 3.1.0.1