VanDyke Software

SecureFX History


           SecureFX(R) 8.7.3 (Official) -- August 11, 2020

            Copyright (C) 1995-2020 VanDyke Software, Inc.
                       All rights reserved.


This file contains the SecureFX product history.  It includes lists of
new features, changes, and bug fixes sorted by release.  For a product
description, installation notes, registration information, and contact
information, please refer to SecureFX_README.txt (downloaded with this 
installation).


Changes in SecureFX 8.7.3 (Official) -- August 11, 2020
-------------------------------------------------------

Bug fixes:

  - Uploading a zero byte file to certain FTPS servers could fail
    with a "Network connection does not exist" error.
  - When connecting to an FTP server on a Windows Embedded Compact
    (Windows CE) system, SecureFX would not auto-detect the operating
    system as Windows NT.
  - When the latest version of SecureFX was installed, running "Check
    for Updates" or "Update Now" incorrectly reported that an update
    was available.
  - Windows: On high DPI monitors with a large scaling factor set,
    text displayed on the Keyboard Interactive authentication prompt
    could have been cut off.
  - Windows: When using CAPI to access a certificate located on a
    smart card and the CAPI store contained multiple certificates,
    there could be a delay before being prompted for the smart
    card pin.
  - HTTPS: When connecting to an HTTPS (WebDAV) server, if a failed
    authentication attempt was immediately followed by a successful
    attempt, the connection still failed.
  - Mac/Linux: Text displayed on the Keyboard Interactive and View
    Host Key dialogs could not be selected or copied.
  - Mac/Linux: When a public key that had a comment specified in
    the key data was added to the agent, the Manage Agent Keys
    dialog did not display the comment.


Changes in SecureFX 8.7.2 (Official) -- May 14, 2020
----------------------------------------------------

Bug fixes:

  - Windows: When synchronized file browsing was enabled, changing
    folders in rapid succession in the local window could have
    resulted in a crash. 
  - Mac: Attempting to authenticate using a YubiKey smartcard with
    the "opensc-pkcs11.so" library specified as the PKCS#11 provider
    resulted in an error, because the library could not be loaded.
  - Mac/Linux: If the remote directory specified for a synchronize
    operation already existed, certain servers returned a "File not
    found" error instead of a "File exists" error when SecureFX
    attempted to create the remote directory.  This caused SecureFX
    to terminate the synchronize operation.  SecureFX now checks to
    see if the remote directory already exists and continues with
    the synchronize operation. 


Changes in SecureFX 8.7.1 (Official) -- March 17, 2020
------------------------------------------------------

Changes:

  - SSH2: When doing public-key authentication, if there is no
    corresponding private-key file without an extension and there
    is a private-key file with a .ppk extension, it will be used.
  - Mac/Linux: When ENTER is pressed on a folder in the Session
    Manager, it is expanded or collapsed.  Previously, all the
    sessions in the folder were connected.

Bug fixes:

  - When transferring multiple files at once to or from a Microsoft
    IIS FTP server, some of the transfers may not have completed.
  - In the Manage Agent Keys dialog, the columns expanded every time
    the dialog opened, which eventually caused all column headers to
    disappear.
  - Mac/Linux: In the Session Manager, when attempting to give a
    folder a name that conflicted with an existing folder name, the
    original or default name was used, instead of allowing a
    different name to be specified.


Changes in SecureFX 8.7 (Official) -- February 11, 2020
-------------------------------------------------------

Changes:

  - SFTP: Keyboard-interactive authentication works with a prompt
    that contains "password" with any combination of upper and
    lower case letters (e.g., "Password" or "PASSWORD").
  - SFXCL: Keyboard-interactive authentication works with a prompt
    that contains "password" with any combination of upper and
    lower case letters (e.g., "Password" or "PASSWORD").


Changes in SecureFX 8.7 (Beta 4) -- January 28, 2020
----------------------------------------------------

Bug fixes:

  - When SecureCRT and SecureFX were integrated, if a connected
    session name contained Chinese characters, attempting to open that
    session in SecureFX by clicking the SecureFX button on SecureCRT's
    toolbar resulted in a "Session was not found in database" error.
  - If SecureFX was launched from SecureCRT with an unsaved Quick
    Connect session and then SecureFX was closed, the default session's
    hostname was set to the Quick Connect session's hostname.
  - Mac: If there were a small number of saved sessions, SecureFX could
    hang when a session or folder was renamed or moved.
  - Mac: The date format specified in the Language & Region system
    settings was not honored in the "Date Modified" column in the local
    and remote windows.
  - Mac: If the Session Manager was moved to a different monitor, when
    SecureFX restarted, the Session Manager was displayed on the same
    monitor as SecureFX.
  - Mac: If the "Show Session Manager or Connect dialog on startup"
    global option was set and the Session Manager was docked and
    unpinned (auto-hide), it was not shown at startup.
  - Mac/Linux: The keyboard shortcuts to move focus from a local or
    remote window into the Session Manager did not work if it was
    docked and pinned.
  - Linux: The Index, Glossary, and Search help tabs did not work
    correctly.


Changes in SecureFX 8.7 (Beta 3) -- January 9, 2020
---------------------------------------------------

Changes:

  - When a remote session that will pair with a local window is
    connected, a new local window is opened and paired with the remote
    window.  If only a local window is open when the remote session is
    connected, it will pair with that local window. 
  - Added a global option that suppresses dependent session updating
    when a session is moved or renamed.
  - Windows: The tabs of paired local and remote windows now have the
    same color background.  For some display themes, there's a colored
    line over the tab.

Bug fixes:

  - Mac: On Catalina, after uploading a single file by dragging it
    from a local window to a remote window, multiple selected items
    in a local window could no longer be dragged to a remote window
    and on exit, SecureFX crashed.
  - SFXCL: When an SFXCL synchronize operation completed and was
    exiting, the application could crash.
  - SFXCL: When SFXCL reported a prior crash, the crash report was
    displayed in a pop up dialog.  If SFXCL was running as an
    unattended process, this caused the process to hang waiting for
    the dialog to be dismissed.  SFXCL now displays crash reports in
    the console window.
  - Mac: When the system was using Dark Mode, the foreground of some of
    the icons in SecureFX was too dark.


Changes in SecureFX 8.7 (Beta 2) -- December 17, 2019
-----------------------------------------------------

New feature:

  - Added a session option to specify whether the remote window should
    be paired with a local window when the session connects.

Changes:

  - When exporting settings, if the .pub file is specified as a global
    or session public-key file, the private-key file will also be
    exported (and imported).
  - Windows: When the SecureFX installer is run by a user with
    administrator privileges, but is not currently elevated, the License
    wizard now asks if SecureFX should be installed for all users or
    only the current user.

Bug fixes:

  - When a synchronize or transfer tab was displayed next to a connected
    session tab, the synchronize/transfer tab displayed artifacts from
    the session tab.
  - When exporting a configuration that included public-key files
    located under the user's Documents directory, an incorrect templated
    replacement path parameter was used for the key file location.
  - Mac/Linux: A file download could hang if the transfer type dialog
    was displayed prior to the file overwrite confirmation dialog.
  - Linux: The SecureFX Help file could not be opened in Firefox
    version 68 or later.
  - Linux: SecureFX displayed a crash notification at startup for files
    that were not core dumps found in SecureFX's Cores directory.


Changes in SecureFX 8.7 (Beta 1) -- November 20, 2019
-----------------------------------------------------

New features:

  - Added support for the HTTPS (WebDAV) file transfer protocol.
  - Added support for remote server file copies.  This feature allows
    a remote file to be copied to another location on the same server
    without a download-upload sequence.  This feature works with SFTP
    servers that have implemented the "copy-file" SFTP extension,
    HTTP WebDav servers, and some SCP servers.
  - Added the ability to open multiple local windows within SecureFX.
    A session that is doing synchronized browsing has its own local
    window.
  - The Session Manager and Connect dialog session filter fields now
    have the ability to filter sessions based on the top level folder
    the sessions reside in.  When filtering, the folder name must be
    followed by the forward slash character in order to list the
    sessions within that folder.
  - SSH2: Added support for the diffie-hellman-group14-sha256,
    diffie-hellman-group16-sha512, and diffie-hellman-group18-sha512
    key-exchange algorithms.
  - SSH2: Added support for x509v3-ecdsa-sha2 algorithms per RFC 6187 for
    PKCS #11.
  - Added support for the FTP MFF, MFMT, and SITE UTIME commands.
    These commands allow the timestamp to be set on a remote file
    that has been uploaded to the FTP server.
  - Added support for the FTP MFF Unix.Mode command.  This command
    allows folder and/or file permissions to be set on the remote
    FTP server.
  - Added a "Use Copy to Preserve Permissions" global INI-file-only
    option that allows remote file copy operations to preserve the
    target file's permissions when being overwritten.  This feature
    works with servers that support remote file copies.
  - Added the ability to use URLs in synchronize operations in both
    SecureFX and the SFXCL command-line utility.
  - SFXCL: Wildcards can be used with the /CHMOD command-line option.
  - Mac: Added support for Dark Mode on macOS 10.14 and later.
  - Mac: Added a session option "Move deleted local files to the Trash"
    that specifies whether or not local files deleted during transfer
    and synchronize operations should automatically be put in the
    system Trash folder.
  - Windows: Added a new firewall type "Proxy command" which allows a
    local proxy command to be run when connecting to a remote server.
  - Windows: Added a global option for specifying which TLS versions
    are allowed.
  - Linux: Support for Ubuntu 19.04 has been added.

Changes:

  - Mac: macOS installers are now notarized by Apple.  This tells 
    Gatekeeper on the system that the software has been scanned by
    Apple for malicious software and is trusted.
  - It is now possible to save sessions that were created using Quick
    Connect, the Connect bar, or the command line.
  - If a firewall name is changed, any sessions using that firewall
    are updated with the new firewall name.
  - If a session is renamed or moved, any sessions using that session
    as a dependent session firewall are updated with the new session
    name or location.
  - When deleting a synchronize session, a confirmation dialog is
    displayed before the synchronize session is deleted.
  - When deleting a key from agent, a confirmation dialog is displayed
    before the key is deleted.
  - With smart card authentication, the presence of the private key is
    verified before attempting to use the corresponding public key.
  - When generating a new RSA key, the default size is now 3072 bits.
  - SSH2: If a session's username is empty and the saved password is
    empty or incorrect, the username is now saved when it is entered
    in the Enter Secure Shell Password dialog and the "Save password"
    option is checked.  Previously, the username could be entered in
    the dialog, but was not saved to the session.
  - Added VxWorks to the list of FTP/SFTP operating systems in the
    Session Options dialog.
  - SecureFX now logs when the SSH_MSG_USERAUTH_PK_OK response is
    received from the server during public-key authentication.
  - TLS session context information, including whether TLS session
    resumption was used, is now logged.
  - For FTP and SCP connections, the operating system for the remote
    machine or device is now logged.
  - When the logging verbosity is set to level 8 or higher, SecureFX
    logs the PGP commands executed.
  - Removed a "SUMMARY:" tag from several log lines that summarized
    the transfer results.
  - Windows: The VanDyke Update utility now reports the actual error
    text, rather than just an error number, when checking for updates
    fails.

Bug fixes:

  - If an SFXCL connection that was using an HTTP or Generic proxy was
    closed before the proxy command was sent, the application could
    have crashed.
  - Canceling an SFXCL synchronize operation could cause the
    application to crash.
  - If the SecureFX main window was closed while a synchronize
    comparison operation was in progress, the application could crash.
  - In certain scenarios, SecureFX could crash after initiating a
    transfer using drag and drop.
  - Under certain circumstances, when re-prompting for authentication
    credentials after a failed authentication attempt, SecureFX could
    crash.
  - When uploading a large number of files to certain FTP servers, the
    transfer could fail, and in rare circumstances, SecureFX could
    crash.
  - If a string greater than 5000 characters in length was entered in
    certain fields (Connect Bar, Search Filter, etc.), SecureCRT could
    freeze.
  - When the remote directory specified for a synchronize session
    already existed on the remote server as a file, this was not
    recognized as an error and the Synchronize dialog could not be
    dismissed.
  - If the network connection was interrupted during a synchronize
    operation, the state of the operation could become invalid.
  - The remote file path browse button in the Quick Synchronize and
    Synchronize Session Properties dialogs did not work if the remote
    system was a VShell for Windows FTP server.
  - When connected to a server that did not include file attributes
    in directory listings, the transfer window displayed downloaded
    files with a size of 0 and transfer progress did not update.
  - When using the personal data configuration option, it was possible
    to get into a situation where both the main configuration folder
    and the personal data folder were pointing at the same location,
    which could have caused the personal data (e.g., usernames,
    passwords, etc.) to be lost.
  - When an invalid or expired license was encountered at startup,
    SecureFX failed to look in other locations for a valid license.
  - When an FTPS or HTTPS connection was interrupted during a file
    transfer, the connection did not attempt to reconnect and resume
    the transfer.
  - In rare circumstances, an FTP transfer could appear to fail if a
    read request occurred after all of the data had been received and
    processed.
  - If the tree view was off and a remote session tab (or the local
    tab) was closed and re-opened, the tree view was half the width of
    the session view.
  - When configuring a dependent session as a firewall (jump host), a
    session that was invalid for the current session could have been
    selected by double clicking the invalid session.
  - When the Session Manager or Connect dialog tree was arranged
    manually, folders may not have been displayed in the expected
    order.
  - When using the Session Manager, changes made to existing sessions
    by a configuration import were not shown until SecureFX restarted.
  - When SecureCRT and SecureFX were installed as a combined
    installation (integrated) and a configuration import or export
    operation was performed from SecureFX, SecureCRT's button bar
    configuration was not included in the import/export.
  - If an invalid initial remote directory was specified for a
    session, the error was logged with unexpected blank lines.
  - When the logging verbosity was set to level 9 (packet trace),
    lines that exceeded a certain length were not displayed in the
    log view as expected.
  - Windows: On some Windows operating systems, starting SecureCRT
    could cause all desktop icons to refresh.
  - Mac/Linux: Connecting to a server that was configured with a
    4096-bit DSA host key could result in an unsupported bit size
    error.
  - Mac/Linux: Creating a synchronize session in which the remote
    session was using the SCP protocol could have failed with a
    create directory error.
  - Mac/Linux: FTPS data connections failed to reuse the TLS session
    context negotiated for the control connection.
  - Mac/Linux: For certain FTP servers, when attempting to configure
    a synchronize session, if the specified remote path already
    existed, the synchronize session properties could not be saved.
  - Mac/Linux: When clicking the "View Host Key" button on the New
    Host Key dialog, the host key was rejected instead of being
    displayed.
  - Mac/Linux: Under certain circumstances, the expanded/collapsed
    state of the folders in the Session Manager could reset to the
    state they were in at application startup.
  - Mac: Under certain circumstances, if multiple parallel transfers
    were started and exactly one transfer failed, SecureFX could
    crash.
  - Mac: When the VoiceOver accessibility option was enabled on the
    system, SecureFX could crash when certain dialogs were opened.
  - Mac: SecureFX could crash on macOS 10.13 if a synchronization
    operation was cancelled while a transfer was in progress or
    pending.
  - Mac: On macOS 10.14, certain drag and drop operations
    (e.g., dragging a session within the Session Manager) could
    have resulted in a system accessibility dialog requesting
    additional access be granted to the application.
  - Mac: If the system launched SecureFX automatically (e.g., after a
    system reboot or user logon), a "-psn_" parameter may
    have been included by the system as an option to the SecureFX
    process, causing SecureFX to attempt to connect to that parameter
    as a host.  SecureFX now ignores the "-psn_" system parameter.
  - Mac: Dragging a session or folder into another folder caused
    that session or folder to be hidden from view.  The moved session
    or folder was displayed correctly after SecureFX restarted.
  - Linux: On Ubuntu 19.04, when running SecureFX on certain older
    hardware, the application could crash at startup.