SecureCRT(R) 9.3.2 (Official) -- February 7, 2023
Copyright (C) 1995-2023 VanDyke Software, Inc.
All rights reserved.
This file contains the SecureCRT product history. It includes lists
of new features, changes, and bug fixes sorted by release. For a
product description, installation notes, registration information,
and contact information, please refer to SecureCRT_README.txt
(downloaded with this installation).
Changes in SecureCRT 9.3.2 (Official) -- February 7, 2023
---------------------------------------------------------
Bug Fixes:
- When using "Receive ASCII" to capture data from the remote
system, the captured data may have been corrupt.
- When keyword highlighting was enabled, not all phrases were
highlighted as expected.
- Windows: When using the JAWS screen reader, characters displayed
in the terminal were sometimes not read as expected.
- Mac: When updating the application on macOS Ventura via
"Update now...", the installation may have been corrupted.
- Mac: If the application path specified for a "Launch
Application" action contained four or fewer characters,
SecureCRT could have crashed when that action was launched.
- Mac/Linux: When using OpenSSH trusted certificates for
authentication, if the rsa-sha2-512-cert-v01@openssh.com
algorithm was used, authentication could have failed.
Changes in SecureCRT 9.3.1 (Official) -- December 6, 2022
---------------------------------------------------------
Bug Fix:
- When authenticating using an OpenSSH trusted RSA certificate,
authentication failed with OpenSSH version 7.7p1 and earlier.
Changes in SecureCRT 9.3 (Official) -- November 3, 2022
-------------------------------------------------------
Vulnerability addressed:
- An external report claims that when using a brute-force attack,
sensitive data, such as passwords, stored in the SecureCRT or
SecureFX configuration without a configuration passphrase or with
a weak configuration passphrase can be cracked in a relatively
short amount of time. Direct access to the configuration data is
required in order to exploit this vulnerability.
Change:
- Windows: When the command-line utilities are installed with the
SecureCRT standalone installer, the install path is added to
the PATH environment variable.
Changes in SecureCRT 9.3 (Beta 5) -- October 25, 2022
-----------------------------------------------------
Changes:
- Windows: Allow the use of ssh-rsa and ssh-dss algorithms for
signature verification when FIPS mode is enabled.
Bug Fixes:
- When authenticating with a public key that was invalid for the
remote host, the key was retried twice before falling back to
the next authentication method.
- If a session file was renamed or deleted on disk while the
application was running, raising the context menu for the
session from within the Session Manager could have resulted
in a crash.
- If the scrollback buffer size was set to zero, attempting to
extend a text selection into the non-existent scrollback
resulted in a crash.
- When an existing configuration was migrated to the new
encryption standard, Session Logon Actions may have failed to
migrate and could have been reset to default settings.
- Keyword highlighting changes for a connected session were not
applied to the current session view.
- Windows: When connecting to an RDP host from a script and an
invalid credentials file was referenced, the RDP tab could not
be closed.
- Command-line tools: If the host key algorithm preference list
was specified on the command line, the algorithm order was not
always honored.
Changes in SecureCRT 9.3 (Beta 4) -- September 29, 2022
-------------------------------------------------------
Bug Fixes:
- When merging a personal data configuration folder back into the
main configuration, the operation could have failed due to a
mismatch of session files that should have been ignored.
- When SecureCRT was started from the command line with a script
that automatically reconnects the session, an error stating "Only
one script can be run at a time" would be displayed if the session
was disconnected.
- Windows: Under certain circumstances, if a script was cancelled
during a sleep operation, SecureCRT could have crashed once the
sleep operation completed.
- Windows: When running grep with color options enabled on a large
amount of output, the SecureCRT UI could have been slow to respond.
- Windows: When multiple top-level SecureCRT windows were open, if
the Command Window was toggled on in one of the windows, the
right-click context menu could have failed to display in various
locations.
- Windows: If a large number of tabs were open, causing the tab
widths to be truncated, renaming a tab label via a script could
have resulted in the tab size expanding to full width, then
resizing to the correct truncated size.
- Windows: When moving the position of an authentication method
using keyboard shortcuts, if the up or down button became
disabled (due to the method being the topmost or bottom most
position), the dialog itself lost keyboard focus.
Changes in SecureCRT 9.3 (Beta 3) -- August 16, 2022
----------------------------------------------------
Bug Fixes:
- Under certain cases, if a script was cancelled during a sleep
operation, SecureCRT could crash once the sleep completed.
- If the "Preserve window size when opening sessions" option was
enabled, connecting to a session that reused a disconnected tab
caused the window to unexpectedly resize.
- When launching the application with a new configuration, the
Quick Connect dialog was not displayed at startup as expected.
- If there were a large number of tabs open, causing the tab
widths to be truncated, renaming a tab label via a script could
have resulted in the tab size expanding to full width, then
resizing to the correct truncated size.
- When the application license was stored in a license file (.lic)
and the license data was included in a configuration export,
importing the license on another machine may not have worked as
expected.
- Windows: When starting the application using an alternate
configuration path (via the /F command-line option), if the
Global.ini file in the alternate location was incomplete, the
Global.ini file in the default configuration location would have
been reset.
- Mac: When "Scale the font" resize method was configured for a
session, the text displayed in the terminal view could become
unreadable with certain window sizes.
- Mac: On Monterey and later systems, if the application crashed
and produced a core dump, the crash reporter dialog reported that
no core dump was available.
Changes in SecureCRT 9.3 (Beta 2) -- July 19, 2022
--------------------------------------------------
New Feature:
- Windows: The Global Options and Session Options dialogs can be
resized and the size is remembered.
Changes:
- In the Session Options dialog, the column widths for the Keywords
table in the Keyword Highlighting category are remembered.
- The Manage Agent Keys dialog can be resized and the size is
remembered.
Bug Fixes:
- Windows: The Help Search tab did not work.
- Windows: When running a Perl script, setting the Screen object's
IgnoreCase property to true had no effect.
- Windows: When running a Perl script, the IgnoreCase parameter in
the ReadString and WaitForString methods was interpreted as the
timeout parameter.
- Windows: If the "Enable alternate screen switching" option was
disabled while the "Add alternate screen output to scrollback"
sub-option was enabled, the sub-option was shown as enabled after
re-opening the Session Options dialog.
Changes in SecureCRT 9.3 (Beta 1) -- June 28, 2022
--------------------------------------------------
New Features:
- Added an option to check for updates automatically at startup.
- Added the ability to specify saved credentials in "Send" Logon
Actions.
- Added a global option that preserves the application window
size when a session is opened.
- For keyword highlighting, the "Match case" option can now be
specified per keyword. Previously, it could only be specified
for the entire keyword list.
- For keyword highlighting, attributes such as bold and reverse
video can now be specified for individual keywords.
- Added the ability to resize the Keyword List Properties dialog.
- Added an option that forces a prompt for the hostname when the
session connects.
- Added the ability to disable individual local and remote port
forwards.
- Added the ability to duplicate a session in the Session Manager
or Connect dialog.
- Added the ability to duplicate local and remote port forwards.
- Added the ability to correlate a PKCS#11 private key to an
OpenSSH Trusted Certificate for public-key authentication.
- Added the ability to configure the session font from the tab
right-click menu.
- Added a global INI-file-only option to disable tooltips for
tabbed sessions.
- Added the ability to use the algorithms
rsa-sha2-512-cert-v01@openssh.com and
rsa-sha2-256-cert-v01@openssh.com as OpenSSH certificate types.
- SSH2: Added support for using the x509v3-rsa2048-sha256 algorithm
for authentication (RFC 6187).
- Windows: Added support for using rsa-sha2-256 and rsa-sha2-512
public-key algorithms as raw SSH2 keys for CAPI certificates
(RFC 8332).
- Windows: Added support for using x509v3-ecdsa-sha2* algorithms
from RFC 6187 for keys in the CAPI store and as raw SSH2 keys.
- Windows: Added the ability to import RDP sessions using the Text
Import wizard.
- Windows: Added an administrative option that suppresses the
prompt for a configuration passphrase the first time the
application runs.
- Windows: Added an administrative option that disables Expect/Send
logon actions and logon scripts.
- Windows: Added an administrative option for disabling non-secure
file transfers.
- Windows: Added the ability to pass command-line arguments to the
shell for local shell sessions.
- Windows: Added an icon for the "Keyword Highlighting" menu item,
which can also be used when customizing the toolbar.
- Windows: A suite of separate command-line utilities (formerly
the VanDyke ClientPack) for securely automating file transfer,
shell, and public-key administration tasks is included with
SecureCRT.
- Mac/Linux: The tarball installer includes a suite of separate
command-line utilities (formerly the VanDyke ClientPack) for
securely automating file transfer, shell, and public-key
administration tasks.
Changes:
- Improved speed of terminal output display when the host sends
screen changes that do not cause scrolling.
- Increased the character limit for keywords from 246 to 2048,
which allows more complex regular expressions to be specified
for keyword highlighting.
- In the Edit Keyword dialog, the keyword text box is larger,
which makes it easier to edit complex regular expressions for
keyword highlighting.
- The session option "Alternate Screen Output Added To Scrollback"
can now be set in the Session Options dialog.
- The "New Input" connection status indicator can be turned off.
- The number of sessions that can be opened simultaneously before
a warning is displayed can now be configured.
- The session name is now included in the trace output.
- SSH2: Trace output for the host key now includes the type and
size.
- SSH2: The View Host Key dialog now includes the type and size
for the selected host key.
- Windows: If there's a signature failure when attempting to load
a Python DLL, a prompt is displayed, which allows the signature
failure to be ignored once or always, or disable Python scripting.
- Windows: When the Quick Connect dialog is displayed, initial
focus is placed in the Protocol field when the global option
"Use trackable insertion caret" is checked. Otherwise, initial
focus is placed in the Hostname field.
- Windows: Added the ability to set the "Close on disconnect"
option for RDP sessions.
- Windows: Added "Find" to the right-click menu for the scratchpad
and script editor.
- Windows: The default search direction is down when doing a find
in a scratchpad or script editor.
- Mac/Linux: When the Quick Connect dialog is displayed, initial
focus is placed in the Hostname field.
Bug Fixes:
- Under unknown conditions, a TFTP transfer from a Cisco device
could have resulted in a crash.
- If a script referenced a tab object for a tab that had been
closed, SecureCRT could have crashed.
- Modifying keyword highlighting settings could have caused
SecureCRT to go unresponsive.
- When connecting to multiple sessions sequentially, if the "Exit
when last session is disconnected" option was enabled and the
first session failed to connect, the application window closed,
preventing subsequent sessions from connecting.
- When resizing the window while there was text selected in the
terminal view, the selection would not be cleared, resulting in
the selection moving to a different block of text.
- If keyword highlighting was disabled for a connected session, the
highlighting was not cleared in the scrollback buffer.
- When using the "Retain size and font" or "Scale the font" session
resize options and all text in the view was selected, the
selection may not have been cleared when the session window was
resized.
- When a YModem transfer over a serial connection between two
paired COM ports successfully completed or was canceled, the
Transfer menu items remained disabled.
- Under certain scenarios, when using public-key authentication
with agent forwarding enabled, keys were added to the remote
agent.
- If a session was disconnected while an alternate screen
application (e.g., screen, mc) was running, the scrollback
buffer was disabled if another session re-used the disconnected
tab.
- When setting the tab caption via a script, the window title was
updated when the tab running the script did not have focus.
- When a newly connected session re-used a disconnected tab, the
"Add alternate screen output to scrollback" option state for
the disconnected tab was used.
- Windows: Under rare circumstances, when closing the application
while an RDP session was connected, a crash could have occurred.
- Windows: If the "Connect to multiple sessions sequentially" option
was enabled and multiple RDP sessions attempted to connect at once,
only one session connected.
- Windows: If a Local Shell session was disconnected or closed
while processing a large amount of scrolling data, SecureCRT
could have become unresponsive.
- Windows: When authenticating with a certificate from the
personal CAPI store, if the "Use certificate as raw SSH2 key"
option was enabled, the key was not correctly added to agent
and a subsequent connection could have failed with an agent
signature error.
- Windows: When connecting to a server that used an X.509
certificate for the host key and the certificate met all
requirements for automatic acceptance of the host key by the
client, the application still prompted the user to manually
accept and save the key.
- Windows: When a Python 2 script was run from the Button Bar or
Command Manager and the script was sent to multiple connected
sessions, a dialog reporting a "Codec Registry" error may have
been displayed.
- Windows: When searching for text within a scratchpad or script
editor session, the view did not scroll with the search.
- Windows: When the "Single Instance" option was enabled, opening
the "Connect..." or "Quick Connect..." options from the SecureCRT
taskbar icon failed.
- Windows: Multiple CAPI errors could have been reported when
attempting to display a certificate fingerprint if the
fingerprint for any certificate could not be obtained.
- Windows: If the signature failed to verify for the protocol or
Python DLLs, the file path displayed on the warning dialog may
have been cut off.
- Mac: When "Scale the font" resize method was configured for a
session, the text displayed in the terminal view could have
become unreadable with certain window sizes.
- Mac: When the abbreviated SecureCRT menu bar was displayed (e.g.,
when the SecureCRT main window was closed to the dock), the
"Update Now..." menu item failed to launch the update utility.
- Mac: If a network connection was unavailable while checking for
an update via "Update Now", the error displayed did not report a
helpful message.
- Mac/Linux: If the Command Manager was pinned or floating,
sending a command to a session did not move focus to the
terminal view.
- Mac/Linux: When connected to a remote UNIX server using the
SFTP tab, uploading a file that contained a colon character as
part of the name would have been uploaded to the remote user's
home directory instead of the current working directory.
- VSFTP (Mac/Linux): When connected to a remote UNIX server,
uploading a file that contained a colon character as part of the
filename would have been uploaded to the remote user's home
directory instead of the current working directory.
