Green End SFTP Server release 0.2.1 (SECURITY)

Richard Kettlewell rjk at
Thu Oct 9 23:59:27 BST 2014

This is to announce release 0.2.1 of my experimental SFTP server.  It is 
possible to use it with the OpenSSH server as a drop-in replacement for 
the SFTP server that it ships with.

It differs from the OpenSSH SFTP server in the following ways:
     * Support for protocol versions up to 6
     * Several SFTP extensions
     * Concurrent handling of pipelined requests

In this release, on Linux, access to /proc/self/mem is disabled. This 
removes a means of remote code execution. Anyone using older versions 
should upgrade immediately.

See for discussion of the 
analogous situation in OpenSSH.

For more information please visit:


More information about the sgo-software-announce mailing list