SecureFX(R) 9.3.2 (Official) -- February 7, 2023 Copyright (C) 1995-2023 VanDyke Software, Inc. All rights reserved. This file contains the SecureFX product history. It includes lists of new features, changes, and bug fixes sorted by release. For a product description, installation notes, registration information, and contact information, please refer to SecureFX_README.txt (downloaded with this installation). Changes in SecureFX 9.3.2 (Official) -- February 7, 2023 -------------------------------------------------------- Bug Fixes: - Mac: When updating the application on macOS Ventura via "Update now...", the installation may have been corrupted. - Mac/Linux: When using OpenSSH trusted certificates for authentication, if the rsa-sha2-512-cert-v01@openssh.com algorithm was used, authentication could have failed. Changes in SecureFX 9.3.1 (Official) -- December 6, 2022 -------------------------------------------------------- Bug Fix: - When authenticating using an OpenSSH trusted RSA certificate, authentication failed with OpenSSH version 7.7p1 and earlier. Changes in SecureFX 9.3 (Official) -- November 3, 2022 ------------------------------------------------------ Vulnerability addressed: - An external report claims that when using a brute-force attack, sensitive data, such as passwords, stored in the SecureCRT or SecureFX configuration without a configuration passphrase or with a weak configuration passphrase can be cracked in a relatively short amount of time. Direct access to the configuration data is required in order to exploit this vulnerability. Changes in SecureFX 9.3 (Beta 5) -- October 25, 2022 ---------------------------------------------------- Changes: - Windows: Allow the use of ssh-rsa and ssh-dss algorithms for signature verification when FIPS mode is enabled. Bug Fixes: - When authenticating with a public key that was invalid for the remote host, the key would be retried twice before falling back to the next authentication method. - When parsing an FTP server's 220 response string for the server's time specification, if the response string did not contain that information, SecureFX could have crashed. - When SecureFX was launched from an instance of SecureCRT that had a Local Shell session opened, SecureFX unexpectedly prompted for a hostname. - If a session file was renamed or deleted on disk while the application was running, raising the context menu for the session from within the Session Manager could result in a crash. Changes in SecureFX 9.3 (Beta 4) -- September 29, 2022 ------------------------------------------------------ Bug Fixes: - When merging a personal data configuration folder back into the main configuration, the operation could have failed due to a mismatch of session files that should have been ignored. - Windows: When moving the position of an authentication method using keyboard shortcuts, if the up or down button became disabled (due to the method being the topmost or bottom most position), the dialog itself lost keyboard focus. Changes in SecureFX 9.3 (Beta 3) -- August 16, 2022 --------------------------------------------------- Bug Fixes: - If an SFTP connection was interrupted and re-established during a file transfer, the transfer did not continue as expected and interaction with the remote session was not possible. - When connecting to an Amazon S3 session that had an initial directory specified that included a trailing "/" character, the contents of the initial directory were not displayed. - If the value of the "Firewall Name" option in the session .INI file was empty, connecting to the session with SecureFX resulted in a "Firewall was not found in the database" error. - When the application license was stored in a license file (.lic) and the license data was included in a configuration export, importing the license on another machine may not have worked as expected. - When connecting to a remote system using a URL (e.g., sftp://hostname), if the password was specified as part of the URL, the password was not obfuscated in the SecureFX log view or log file. - Windows: Under certain circumstances, the SFXCL process could hang during HTTP operations. - Windows: When starting the application using an alternate configuration path (via the /F command-line option), if the Global.ini file in the alternate location was incomplete, the Global.ini file in the default configuration location was reset. - Mac: On Monterey and later systems, if the application crashed and produced a core dump, the crash reporter dialog reported that no core dump was available. Changes in SecureFX 9.3 (Beta 2) -- July 19, 2022 ------------------------------------------------- New Feature: - Windows: The Global Options and Session Options dialogs can be resized and the size is remembered. Changes: - In the Session Options dialog, the column widths for the Keywords table in the Keyword Highlighting category are remembered. - The Manage Agent Keys dialog can be resized and the size is remembered. Bug Fixes: - If SecureFX was installed as a standalone application and the New Session wizard was used to create a session, SecureFX crashed. - Windows: The Help Search tab did not work. Changes in SecureFX 9.3 (Beta 1) -- June 28, 2022 ------------------------------------------------- New Features: - Added an option to check for updates automatically at startup. - Added the ability to duplicate a session in the Session Manager or Connect dialog. - Added an option that forces a prompt for the hostname when the session connects. - Added the ability to use the algorithms rsa-sha2-512-cert-v01@openssh.com and rsa-sha2-256-cert-v01@openssh.com as OpenSSH certificate types. - SSH2: Added support for using the x509v3-rsa2048-sha256 algorithm for authentication (RFC 6187). - Windows: Added support for using rsa-sha2-256 and rsa-sha2-512 public-key algorithms as raw SSH2 keys for CAPI certificates (RFC 8332). - Windows: Added support for using x509v3-ecdsa-sha2* algorithms from RFC 6187 for keys in the CAPI store and as raw SSH2 keys. - Windows: Added an administrative option that suppresses the prompt for a configuration passphrase the first time the application runs. Changes: - For new installations, the Session Manager is on by default. - The number of sessions that can be opened simultaneously before a warning is displayed can now be configured. - SSH2: Trace output for the host key now includes the type and size. - SSH2: The View Host Key dialog now includes the type and size for the selected host key. Bug Fixes: - When connecting to an Arista switch, the file listing may not have been displayed as expected. - Windows: When selecting a recent session from the SecureFX taskbar icon, the session did not open as expected. - Windows: When selecting the "Connect..." or "Quick Connect..." options from the SecureFX taskbar icon, the expected dialog was not displayed. - Windows: When authenticating with a certificate from the personal CAPI store, if the "Use certificate as raw SSH2 key" option was enabled, the key was not correctly added to agent and a subsequent connection could fail with an agent signature error. - Windows: Multiple CAPI errors could have been reported when attempting to display a certificate fingerprint if the fingerprint for any certificate could not be obtained. - Windows: If the signature failed to verify for the protocol or Python DLLs, the file path displayed on the warning dialog may have been cut off. - Mac: If a network connection was unavailable while checking for an update via "Update Now", the error displayed did not report a helpful message. - Mac/Linux: When an SFTP session was connected to a remote UNIX server, uploading a file that contained a colon character as part of the filename would have been uploaded to the remote user's home directory instead of the current working directory.