VanDyke Software

VShell Server History

       VShell(R) Server 4.5 (Beta 4) -- October 15, 2019

         Copyright (C) 1995-2019 VanDyke Software, Inc.
                    All rights reserved.


This file contains a VShell product history.  It includes lists
of new features, changes, and bug fixes sorted by release.  For a
product description, installation notes, registration, and contact
information, please refer to readme.txt (downloaded with this
package).


Changes in VShell 4.5 (Beta 4) -- October 15, 2019
--------------------------------------------------

Changes:

   - When adding internal database users, if username includes 
     the illegal character "@", an error is now displayed.

   - HTTPS: Added a robots.txt file containing settings that tell 
     web robots not to visit the site.

   - HTTPS: In the VShell User Web Interface, minor adjustments
     were made to meet WCAG 2.0 success criteria.

Bug fixes:

   - HTTPS: When using a logout trigger, the %I (IP address) and 
     %G (source port) parameters could be set to "unknown". 

   - HTTPS: When the HTTP PUT command was used to upload a file 
     that replaced a larger version of the same file, the uploaded
     file incorrectly retained the previous size.
		
   - Windows: In the VShell Control Panel, using the LDAP 
     User/Group Picker would trigger a minor memory leak.

   - Windows 2019: When Logon access was allowed for a domain 
     level group, members of the group could be denied Logon 
     access when using publickey authentication. 

   - Linux/Mac: The FailedAuthCommand trigger was not executed when 
     a user was prevented from logging in due to account restrictions.

   - Linux/Mac: vuserdb commands could fail with an error mentioning 
     ciphers, MACs, or key exchange methods specified in the 
     vshelld_config file.

   - HTTPS: In the VShell User Web Interface, if an invalid URL 
     was entered, the error message could be displayed as XML.


Changes in VShell 4.5 (Beta 3) -- September 5, 2019
---------------------------------------------------

Changes:

   - HTTPS: Secure headers Strict-Transport-Security, Content-
     Security-Policy, X-XSS-Protection, X-Frame-Options, X-Content-
     Type-Options, and Cache-Control are now sent.

   - HTTPS: The "Server" header is no longer sent.

   - HTTPS: In the VShell User Web Interface, colors of two 
     components were changed to meet WCAG 2.0 success criteria.

   - Linux/Mac SSH2: The Crypto++ library used by VShell was 
     updated to version 8.2.

   - Some AIX OpenSSH clients (versions 7.5p1 and later) were 
     disconnected with error "Server received packet unknown 
     userauth packet, which should never be sent by the client".
	 
	 
Bug fixes:

   - HTTPS & FTPS: In the rare case that a client closed the 
     connection immediately after renegotiating SSL parameters, 
     CPU usage could increase and remain close to 100%.


Changes in VShell 4.5 (Beta 2) -- August 15, 2019
-------------------------------------------------

New features:

  - SSH2: Added support for the diffie-hellman-group14-sha256,
    diffie-hellman-group16-sha512, and diffie-hellman-group18-
    sha512 key exchange algorithms.

  - Windows: Added the ability to enable and disable use of 
    specific TLS versions.


Bug fixes:
  
  - Windows: The VShell Control Panel had three lists of options 
    in which extra lines would appear when an item was selected.


Changes in VShell 4.5 (Beta 1) -- July 25, 2019
-----------------------------------------------

New features:

  - HTTPS: Added support for the WebDAV protocol.

  - HTTPS: In the VShell User Web Interface, the title text can now 
    be customized.

  - FTPS: Added support for the MDTM command described in RFC 3659,  
    as well as the MFF and MFMT commands described in draft-somers-
    ftp-mfxx-04. 
 
  - Windows: Added support for a folder monitor that can detect 
    creation or copy/move of new files to a specified folder and 
    initiate actions such as automatic transfer to another SFTP 
    server.

  - Windows: Added a wizard for faster configuration of VShell to 
    receive file uploads from Cisco Unified Communications Manager  
    (CUCM) and similar applications that connect using SFTP.

  - Linux/Mac: Added support for the HTTPS protocol.

  - Linux/Mac: Added the ability to specify the maximum number of 
    concurrent connections per user for SSH2 and FTPS connections.

  - Linux/Mac: Added support for subconfigurations to limit the 
    number of concurrent SSH2 or FTPS connections for a particular 
    user or group.

  - Linux/Mac: Added the ability to add VShell internal database 
    users from a file.


Changes:

   - VShell Workgroup Edition now allows 25 concurrent connections 
     (previously 10).


Bug fixes:

  - In the rare case that a trigger was configured with a timeout 
    >= 215 seconds and a "run as" user, the trigger would not fire.

  - When using subconfigurations for both users and groups that
    both specified a logging destination, a memory leak could occur.

  - When a new log file was created for the day, it was possible for 
    some of the lines to be written above the header.

  - In the line logged to indicate the IP address and port on which 
    a service was listening, the address and port were reversed.

  - When LDAP authentications were performed, a memory leak occurred.

  - Upon connection by a client that displays a single row in its 
    console such as Remote Desktop Manager by Devolutions, VShell 
    would produce an error and disconnect the client.

  - HTTPS: In some cases, when VShell HTTPS received a PUT command to 
    upload a 0-byte file, it could return a response with an invalid 
    Content-Range header field.

  - HTTPS: When a file transfer was interrupted, upload and download 
    triggers did not set the %U (user) and %s (session) parameters.

  - HTTPS: When the VShell server was configured to disable the HTTPS 
    PUT command, an HTTPS client attempting to upload a file with PUT 
    could hang.

  - HTTPS: In the VShell User Web Interface, when downloading files
    the browser did not display its download indicator until the 
    download completed.

  - HTTPS: In the VShell User Web Interface, when multiple dialogs were 
    displayed at the same time, closing one would close them all.

  - HTTPS: In the VShell User Web Interface, when using a browser other 
    than Edge or Internet Explorer, you could not download a file with 
    non-ASCII (e.g., Russian) characters in the filename.

  - FTPS: When FTPS and FTP file uploads are performed using SecureFX, 
    timestamps are now preserved.  

  - FTPS and HTTPS: When a file upload was aborted due to loss of
    network connectivity, the client being killed or closed, or
    failure to write the file to disk, upload triggers returned
    success rather than the error code.

  - Windows: In the rare case of multiple simultaneous authentication 
    failures when the deny host option was enabled, it was possible for
    VShell to crash or incorrectly add one of the connecting IPs to the 
    deny host list.

  - Windows: For file operation triggers set up to fire conditionally 
    for users having access to an SFTP virtual root, the email and
    command trigger actions did not work. 

  - Windows: On the VShell Control Panel, performing a certain 
    sequence of actions on the Triggers page could incorrectly cause 
    the Add, Edit, and Delete buttons to be enabled.

  - Windows: When there were a large number of users, or when there 
    was network latency between the domain controller and the VShell 
    server, there could be a delay before displaying the Access Control 
    list, the SFTP commands list, and the Virtual Roots list. 

  - Linux/Mac: When MaximumAuthenticationRetries was set to a value 
    less than DenyHostAfterFailureCount, a host was not denied 
    connection after DenyHostAfterFailureCount authentication 
    failures.