1.0.41

• MariaDB and MySQL 5.5+ are now fully supported
• MySQL <= 4.0.0 is not supported any more
• Some Linux distributions ship a version of OpenSSH without support for ECC. Pure-FTPd can now be compiled on these.
• New command-line switch: -2/--certfile= to set the path to the certificate file when using TLS.

1.0.40

• Support for TCP_FASTOPEN added on Linux
• The LDAP configuration file didn't allow a default gid without also defining a default uid. This is no longer the case.
• The process handling a user session could be crashed by trying to match a file pattern longer than the maximum length for a path. This has been fixed. Upgrading is recommended.

1.0.39

• Compilation fix for ancient versions of OpenSSL.
• TLS sockets shutdown fixed in order to prevent incomplete transfers.

1.0.38

• Passwords hashed using scrypt can be used in the MySQL, PostgreSQL
  and LDAP backends.
• Support for TLS forward secrecy was added. If you are upgrading and
  using TLS, please run the following command prior to launching the new
  version:

# openssl dhparam -out /etc/ssl/private/pure-ftpd-dhparams.pem 2048

1.0.37

• The -C: prefix can be added to the cipher suite in order to make valid
  client certificates mandatory. This is no longer a compile-time option.
• The Clear Command Channel (CCC) command is now supported.
• SSL (v2, v3) is refused by default.
• The PureDB backend supports the scrypt function in order to hash
  passwords. This is the preferred algorithm, but requires the presence
  of libsodium.
• LDAP uid and gid values can over overridden in the LDAP configuration file.