Debian Package Tracker
Register | Log in
Subscribe

filezilla

Full-featured graphical FTP/FTPS/SFTP client

Choose email to subscribe with

general
  • source: filezilla (main)
  • version: 3.70.6-2
  • maintainer: Michael Lloyd (DMD)
  • arch: all any
  • std-ver: 4.7.4
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 3.52.2-3+deb11u1
  • oldstable: 3.63.0-1+deb12u3
  • stable: 3.68.1-1
  • testing: 3.69.6-2
  • unstable: 3.70.6-2
versioned links
  • 3.52.2-3+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.63.0-1+deb12u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.68.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.69.6-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.70.6-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • filezilla (2 bugs: 0, 1, 1, 0)
  • filezilla-common (1 bugs: 0, 0, 1, 0)
action needed
Problems while searching for a new upstream version high
uscan had problems while searching for a new upstream version:
Untrackable project: Upstream serves source only via tokenised single-shot CDN URLs reached through an AES-encrypted download page (see https://trac.filezilla-project.org/ticket/13186); track releases manually via https://filezilla-project.org/newsfeed.php
Created: 2025-11-26 Last update: 2026-07-18 15:02
1 new commit since last upload, is it time to release? normal
vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:
commit 45124d5cdc87dede5d709d4de5cfacc3e5345139
Author: Michael Lloyd <michael@micl.dev>
Date:   Tue Jul 14 08:04:21 2026 +1000

    d/salsa-ci.yml: Disable uscan tests for Salsa CI as upstream is marked untrackable
Created: 2026-07-14 Last update: 2026-07-14 10:48
lintian reports 1 warning normal
Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.
Created: 2026-07-14 Last update: 2026-07-14 06:17
Issues found with some translations low

Automatic checks made by the Debian l10n team found some issues with the translations contained in this package. You should check the l10n status report for more information.

Issues can be things such as missing translations, problematic translated strings, outdated PO files, unknown languages, etc.

Created: 2026-02-16 Last update: 2026-07-14 14:01
debian/patches: 2 patches to forward upstream low

Among the 3 debian patches available in version 3.70.6-2 of the package, we noticed the following issues:

  • 2 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.
Created: 2023-02-26 Last update: 2026-07-14 08:02
1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:
  • CVE-2024-31497: (needs triaging) In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim's private key) can derive the victim's private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6.

You can find information about how to handle this issue in the security team's documentation.

Created: 2024-12-30 Last update: 2026-07-14 01:33
testing migrations
  • excuses:
    • Migration status for filezilla (3.69.6-2 to 3.70.6-2): Waiting for test results or another package, or too young (no action required now - check later)
    • Issues preventing migration:
    • ∙ ∙ Too young, only 4 of 5 days old
    • Additional info (not blocking):
    • ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/f/filezilla.html
    • ∙ ∙ Reproduced on amd64 - info
    • ∙ ∙ Reproduced on arm64 - info
    • ∙ ∙ Reproduced on armhf - info
    • ∙ ∙ Reproduced on i386 - info
    • Not considered
news
[rss feed]
  • [2026-07-13] Accepted filezilla 3.70.6-2 (source) into unstable (Gianfranco Costamagna)
  • [2026-07-13] Accepted filezilla 3.70.6-1 (source) into unstable (Michael Lloyd) (signed by: Gianfranco Costamagna)
  • [2026-03-14] filezilla 3.69.6-2 MIGRATED to testing (Debian testing watch)
  • [2026-03-08] Accepted filezilla 3.69.6-2 (source) into unstable (Andreas Rönnquist)
  • [2026-02-20] filezilla 3.69.6-1 MIGRATED to testing (Debian testing watch)
  • [2026-02-15] Accepted filezilla 3.69.6-1 (source) into unstable (Andreas Rönnquist)
  • [2025-11-20] filezilla 3.69.5-1 MIGRATED to testing (Debian testing watch)
  • [2025-11-14] Accepted filezilla 3.69.5-1 (source) into unstable (Andreas Rönnquist)
  • [2025-08-21] filezilla 3.69.3-1 MIGRATED to testing (Debian testing watch)
  • [2025-08-14] Accepted filezilla 3.69.3-1 (source) into unstable (Andreas Rönnquist)
  • [2025-01-03] filezilla 3.68.1-1 MIGRATED to testing (Debian testing watch)
  • [2024-12-28] Accepted filezilla 3.68.1-1 (source) into unstable (Andreas Rönnquist)
  • [2024-11-06] filezilla 3.68.0-1 MIGRATED to testing (Debian testing watch)
  • [2024-10-31] Accepted filezilla 3.68.0-1 (source) into unstable (Andreas Rönnquist)
  • [2024-10-31] filezilla 3.68.0~rc1-1 MIGRATED to testing (Debian testing watch)
  • [2024-10-23] Accepted filezilla 3.68.0~rc1-1 (source) into unstable (Andreas Rönnquist)
  • [2024-07-29] filezilla 3.67.1-2 MIGRATED to testing (Debian testing watch)
  • [2024-07-23] Accepted filezilla 3.67.1-2 (source) into unstable (Andreas Rönnquist)
  • [2024-07-17] filezilla 3.67.1-1 MIGRATED to testing (Debian testing watch)
  • [2024-07-11] Accepted filezilla 3.67.1-1 (source) into unstable (Andreas Rönnquist)
  • [2024-07-09] filezilla 3.67.1~rc1-1 MIGRATED to testing (Debian testing watch)
  • [2024-07-03] Accepted filezilla 3.67.1~rc1-1 (source) into unstable (Andreas Rönnquist)
  • [2024-05-08] filezilla 3.67.0-1 MIGRATED to testing (Debian testing watch)
  • [2024-04-18] Accepted filezilla 3.67.0-1 (source) into unstable (Phil Wyett)
  • [2024-02-28] filezilla 3.66.5-2 MIGRATED to testing (Debian testing watch)
  • [2024-02-13] Accepted filezilla 3.66.5-2 (source) into unstable (Phil Wyett)
  • [2024-02-13] Accepted filezilla 3.66.5-1 (source) into unstable (Phil Wyett)
  • [2024-01-19] filezilla 3.66.4-2 MIGRATED to testing (Debian testing watch)
  • [2024-01-14] Accepted filezilla 3.66.4-2 (source) into unstable (Phil Wyett)
  • [2024-01-08] Accepted filezilla 3.52.2-3+deb11u1 (source) into oldstable-proposed-updates (Debian FTP Masters) (signed by: Gianfranco Costamagna)
  • 1
  • 2
bugs [bug history graph]
  • all: 3
  • RC: 0
  • I&N: 1
  • M&W: 2
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian (0, 1)
  • buildd: logs, reproducibility, cross
  • popcon
  • browse source code
  • other distros
  • security tracker
  • screenshots
  • l10n (-, 98)
  • debian patches
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 3.70.6-2

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing