SecureCRT® 3.3.4 (Official) -- July 26, 2002 Copyright © 1995-2002 by VanDyke Software, Inc. All rights reserved. This file contains a SecureCRT product history. It includes lists of new features, changes, and bug fixes sorted by release. For a product description, installation notes, registration and contact information, please refer to Readme.txt (downloaded with this installation). Changes in SecureCRT 3.3.4 (Official) ------------------------------------- Bug fixes: - SSH1: Fixed a buffer overflow which could occur if a server-specific identifier string was more than the specified 40 bytes long. This could result in a malicious SSH1 server executing arbitrary code. Changes in SecureCRT 3.3.3 (Official) ------------------------------------- Changes: - Added three new commands to the Help menu which open a browser to the SecureCRT product web page, to the product order page, and to the product download page. Bug fixes: - VCP: The copy failed when the destination folder was the root of a DOS drive (e.g., c:\). - VCP: The copy failed when multiple sources were specified. Changes in SecureCRT 3.3.2 (Official) ------------------------------------- Changes: - TELNET: For unexpected connection errors, added a way to get additional information about where the error occurred. - VCP: Added additional verbose output to the file listing for recursive or wild card copies. Bug fixes: - SSH2: The remote server's maximum packet size is no longer ignored. Changes in SecureCRT 3.3.1 (Official) ------------------------------------- Changes: - Added trace logging for some firewall operations. - Modified error which claimed invalid host name to be invalid parameter, and should indicate that there has been a programming error. SecureCRT sometimes sees this error with Zone Alarm. Bug fixes: - SSH2: "Save Username" check box was still visible in SSH2, if save username option was disabled in the registry. - SSH1: Fixed problems with SSH1 through a generic proxy. - SSH1: Added support to skip sending the max packet size to the Cisco VPN concentrators that seem to have a problem with this SSH packet. - VCP: Fixed the password prompt so it would be visible over a pipe. - In order to avoid a clipboard deadlock problem, the method SecureCRT uses to detect data on the clipboard was changed. - ALT+selecting and using "Open selection as URL" on URLs that spanned multiple lines and had data to the right of the selection did not produce expected results. - Invisible Image DEC VT control sequences were not honored when printing. Changes in SecureCRT 3.3 (Official) ----------------------------------- Bug fixes: - SSH1: An empty dialog box with a red "X" was displayed if an SSH1 connection was attempted to a port that didn't have SSH1 or SSH2 running. - Fixed word selection. Nothing was selected on a double click. Changes in SecureCRT 3.3 (Beta 5) --------------------------------- Changes: - Changed behavior of "Open Selection as URL". This menu item is only enabled when the mouse pointer is over the selection. - Modified "Open Selection as URL" to strip only newlines, leading white space, trailing white space, and white space next to newlines. Bug fixes: - SSH1: Occasionally, 100% CPU utilization could occur if the session connection was lost while port forwarding. - Right-clicking caused a crash after making a column select (ALT+select) other than from upper left to lower right. - Because of a rounding error, sometimes it was possible to get an invisible single character selection by left-clicking in the terminal window. Changes in SecureCRT 3.3 (Beta 4) --------------------------------- New features: - SSH2: Added support for Blowfish and AES ciphers. - SSH2: Supports 2048-bit Diffie-Hellman Group Exchange. Changes: - SSH2: Improved errors when keys exchanged were too large. - SSH1: Modified Key Generation wizard text. - TAPI: Implemented the serial break as a session option in the session .INI file. - VCP: When attempting to connect to an SSH1 server, the protocol mismatch error now includes statement that the SSH2 protocol is required. - VCP: Made "hostname:" a valid destination file name for VCP. It is now the same as "hostname:.". - Using "Open Selection as URL" now tests for empty selection to prevent "Open Selection as URL" from being mistakenly enabled on the context menu. - Using "Open Selection as URL" now strips out all spaces from the selected text to OpenURL. - In the Map Selected Keys dialog, the second dropdown list in the Action group was widened in order to accommodate the menu items. Bug fixes: - SSH1: Improved intermittent stalling when port forwarding over SSH1. This problem caused 100% CPU utilization on Windows 2000. - SSH2: In the Key Generation wizard, if there is any problem creating the public-key pair files, an error will be displayed and control will be returned to the "Finish" page instead of exiting the wizard. - SSH2: Occasionally, SSH2 sent packets to a channel that had already been closed. This resulted in the remote side disconnecting and a protocol error referring to a nonexistent channel being reported. - SSH2: SSH2 failed to flush packets smaller than the cipher block size from its receive buffer. During upload of a big file, the server only sends status packets, which eventually filled the receive buffer. This caused SecureCRT to incorrectly end the file transfer. SSH2 now flushes the receive buffer. Because the minimum packet size is 10 bytes, this only affected AES and Blowfish. - VCP: If an empty filename was given as a source or destination, VCP reported it was an empty hostname. VCP now reports that an empty filename is not valid. - Serial: Reduced buffer sizes to 64 bytes to improve scrolling and display behavior. Data now streams rather than appearing in chunks. - Activator: If a session window was minimized to the Activator while a modal dialog was displayed, the session window could not be restored. - A double left-mouse button click selected all of the text in the window from the cursor back to the screen origin (0,0). - The "Open Selection as URL" menu command did not work correctly for column selections (ALT+select). - Command-line option /F now strips off any trailing \ from the path passed to it. - When specifying a case-sensitive network drive for the location of sessions, the "default" session and the "__folderdata__.ini" showed up in the session list. - The "Linux" keymap is now loaded into the Keymap Editor when it is the selected keymap for a given session. Changes in SecureCRT 3.3 (Beta 3) --------------------------------- New features: - SSH2: Added support for generating and using RSA public keys. - SSH2: Added support for accepting RSA host keys when authenticating. - SSH2: Added support for displaying the MD5 Hash host key fingerprint when connecting to a new or changed host. - SSH2: Added the global parameter "Host Key Algorithms" to specify the order host keys will be used to authenticate. The default is DSA then RSA. The option can also be used to limit which type of host key will be accepted. - Added support to specify the location of the SecureCRT configuration folder with the /F command line option. - Added support for mapping keys to toggle the scrollbars from the keyboard. Changes: - SSH2: Session Options page for the MAC and Cipher groups and controls are disabled if the session is connected. - Serial: Added 230000 baud rate. - Under Windows 2000 installations the Configuration Location is now prompted for when SecureCRT is first run. - Activator: " - SecureCRT" is no longer displayed in the menu or session window. Bug fixes: - VCP now prompts the user whether or not to accept the host key when the host key is new or changed. - SSH2: If a disconnect occurred during a Key Exchange, the client would not connect but it could still take a connection on the SSH2 server. SecureCRT now disconnects. - SSH1: Memory usage would grow each time a new port-forwarding connection was established. This problem was most visible when port forwarding an e-mail checker that created a new connection every 60 seconds. - SSH1: When connecting to an OpenSSH server, you could get an incorrect protocol error. SecureCRT was sending the X11 screen number, but was not specifying the protocol flag. - TAPI: When selecting TAPI in a new session or existing session, it was possible to receive an unexpected error: "Error creating line abstraction for line 6" This error should no longer occur. - Xmodem: SecureCRT now pads the last packet with a ^Z (0x1a) character as per Xmodem convention. - Activator: If a window had been maximized and then minimized, it was not restored to the maximized state. - When the /FIREWALL command-line option was specified for a protocol other than the default protocol, it was not being used. - When the user specified an identity file with the /I command-line option, the authentication method was not set appropriately. - For users who did not install the telnet protocol, the error "Unknown connection protocol: telnet" would be displayed when creating a new session or using the Quick Connect feature. Changes in SecureCRT 3.3 (Beta 2) --------------------------------- Bug fixes: - Rare GPF on startup with the SecureCRT window maximized and the "Save window state for each session" option selected. - Selecting a window from the SecureCRT Window menu list caused a hidden SecureCRT window to be restored instead. - When the "Always on top" option was set for one or more SecureCRT windows, those windows would not appear on the Window menu list of SecureCRT windows where "Always on top" was not selected. - Port forwarding under SSH1 did not work if the "Destination host is different from the SSH server" option was checked. - Padlock icon was displayed when using Zmodem over insecure connection. Changes in SecureCRT 3.3 (Beta 1) --------------------------------- New features: - A "Minimize to Activator in system tray" option has been added to the Global and Session Options dialogs. Setting this option causes SecureCRT windows to be minimized to a tray icon instead of to the task bar. - Added Xmodem file transfers. - Added a command to the context-sensitive menu for opening a selection as a URL. - Added Reconnect button to main window toolbar. - Added support for multiple ordered authentication in SSH2 sessions. - Added support for multiple ordered ciphers and MACs in SSH2 sessions. - Remote port forwarding can now be set up from the Session Options dialog. - Added a global registry option "Save Passphrase In Shared Memory" that caches SSH2 passphrases. - Added a VShell(TM) keymap. - SOCKS5 firewall support now provides for password authentication. - Added a registry key to disable scripting. - Added an option to set the serial break length in the Session Options dialog. - Added option to set the left margin of the SecureCRT window to the Global Options dialog. - Added option to show the window size in the status bar to the Global Options dialog. Changes: - Moved the Ciphers, MACs and SSH Server fields from the Connection page to the SSH2 page. - "Auto Detect" is now the default SSH2 server compatibility mode. - VCP now supports servers that require password authentication before public-key authentication. - For first-time users, the Quick Connect dialog comes up by default. - Removed the "New Window" menu item and toolbar icon. - Changed the Connect command so that it brings up a new window if the current window is already connected to a session. - Replaced the toolbar icons for "Connect", "Disconnect", and "Quick Connect". - The Advanced dialog has been removed. Everything that was in the Advanced dialog can now be configured through categories in the Session Options tree. - Changed all file transfer dialog titles. Bug fixes: - If SSH2 is using public-key authentication and the username field is blank, SecureCRT now prompts for the username. - Under Windows 2000, on a system with multiple monitors, SecureCRT could not be resized or moved across the monitors. - Open URL now recognizes URLs containing the '~' character. - Open URL now properly parses URLs containing parenthesis - Improved loading time of SecureCRT. - Using the crt.Quit method caused a GPF under Windows 2000 SP1. - GPF occurred when receiving large amounts of data and using the Windows "close button" ("X") to exit session.