SecureFX(R) 9.0.2 (Official) -- May 20, 2021 Copyright (C) 1995-2021 VanDyke Software, Inc. All rights reserved. This file contains the SecureFX product history. It includes lists of new features, changes, and bug fixes sorted by release. For a product description, installation notes, registration information, and contact information, please refer to SecureFX_README.txt (downloaded with this installation). Changes in SecureFX 9.0.2 (Official) -- May 20, 2021 ---------------------------------------------------- No changes. Changes in SecureFX 9.0.1 (Official) -- March 18, 2021 ------------------------------------------------------ Change: - Restored the ability to use the SHA1-96 and MD5-96 MACs. Bug fix: - If the remote server was shut down during a synchronize operation, SecureFX did not automatically attempt to reconnect to the server. Changes in SecureFX 9.0 (Official) -- February 18, 2021 ------------------------------------------------------- No changes. Changes in SecureFX 9.0 (Beta 6) -- February 9, 2021 ---------------------------------------------------- No changes. Changes in SecureFX 9.0 (Beta 5) -- January 26, 2021 ---------------------------------------------------- Changes: - Windows: When using a PKCS#11 provider DLL that did not match the architecture (32 vs. 64 bit) of the client, a misleading error was displayed. The error message has been modified to describe the error more accurately. Bug Fixes: - Windows: When renaming a file in the local window that would have resulted in a naming conflict with an existing file, under certain circumstances, SecureFX could crash. - Windows: When viewing the Session Options dialog, certain display configurations resulted in scroll bars appearing in the category tree. - Mac/Linux: When editing a remote file, if the path to the selected "Open With" application contained a space, the application path was not saved with surrounding quotes, preventing the application from being opened on subsequent remote edit attempts. - Mac: When multiple files or folders were selected in the local or remote window, dragging those items to initiate a transfer could have failed. - Mac: Dragging a session or folder into another folder caused that session or folder to be hidden from view. A restart of the application caused the folder or moved session to be displayed correctly. - Mac: When using "Update Now..." to check for and download an updated installer, the progress dialog was not shown for the initial check or during the download. - Linux: When the application ran over X11 forwarding and the window size became too large, a crash could occur. - Linux (RHEL 8): When attempting to install SecureCRT and SecureFX in parallel using standalone installers (i.e., not the scrt-sfx combined installer), the installation of the second application would have failed due to unexpected file conflicts. - Linux (RHEL 7/8): When SecureFX was uninstalled, the "/usr/local/lib/SecureFX" folder was not removed. Changes in SecureFX 9.0 (Beta 4) -- December 15, 2020 ----------------------------------------------------- Bug Fixes: - When connected to Amazon S3, if the user did not have permissions to access a bucket, SecureFX would re-prompt the user for credentials even though valid credentials had already be entered. - Windows: When uploading a file to an Amazon S3 "pseudo" folder, a duplicate pseudo folder may have been created using the name of the file uploaded. - Windows: When using QuickConnect for an RDP connection, if the domain name was specified as part of the username, under certain scenarios, the domain name may have been prepended to the username twice on the RDP authentication prompt. - Linux: When running SecureFX over X11 forwarding and the X11 server was either misconfigured or not running, the application would crash at startup. - Linux: When the file type filter dropdown was clicked from a folder browse dialog, SecureFX could crash. - Linux: When using a browse dialog to select a local directory for certain options (e.g., download directory or synchronize operation local directory), the dialog would not allow the selected directory to be chosen. Changes in SecureFX 9.0 (Beta 3) -- November 19, 2020 ----------------------------------------------------- New Feature: - Linux: Added support for Ubuntu 20.04. Changes: - The prompt for keys that are pre-loaded into agent now shows the filename associated with the key. - SSH2: When attempting an SSH2 connection, if KEX algorithm negotiation fails, SecureFX offers to try again by enabling a supported algorithm. - The SHA-2 base64 hash of the public-key fingerprint is now displayed in the Public Key Properties and trace output. Bug Fixes: - When connected to an Amazon S3 session, "pseudo" folders did not appear in the file listing. A new session INI-file-only option ("AWS Allow Pseudo Directories") has been added to allow pseudo folders to appear in the file list. - When the initial local window directory was a network share, there may have been a long delay at startup. - Windows: When connected to an Amazon S3 instance, certain object types may not have been displayed in the file view. - Windows: When SecureCRT and SecureFX were installed as a combined installation (integrated) and the TFTP server had been disabled via the Administrative Template, the TFTP options page was still displayed in the SecureFX Global Options dialog. - Mac: When SecureFX and SecureCRT were both installed, opening the terminal font dialog for a session from within SecureFX caused a hang. - Mac: Attempting to authenticate using a YubiKey smart card with the "opensc-pkcs11.so" library specified as the PKCS#11 provider resulted in an error, because the library could not be loaded. - Mac: When connecting to a FTPS or HTTPS server in which the SSL certificate was expected to validate on the local system, the connection only succeeded if the "Disable certificate validation" option was disabled. - Mac: When Dark Mode was enabled and the system highlight color was set to graphite, hovering over the list view in the local or remote window resulted in a white highlight color. - Mac: When using the built-in trackpad on a MacBook to drag a session to a different location in the Session Manager, auto- scroll and folder auto-expand did not work consistently. - Mac: When attempting to open a remote file using Visual Studio Code, if VS Code was already running on the system, the remote file was not opened. - Mac: If the Session Manager was docked and in auto-hide mode, a "<>" text artifact appeared on the Session Manager tab when expanded. - Mac/Linux: If the remote directory specified for a synchronize operation already existed, certain servers returned a "File not found" error instead of a "File exists" error when SecureFX attempted to create the remote directory. This caused SecureFX to terminate the synchronize operation. SecureFX now checks to see if the remote directory already exists and continues with the synchronize operation. - Mac/Linux: When a public key that had a comment specified in the key data was added to the agent, the Manage Agent Keys dialog did not display the comment. - Mac/Linux: Text displayed on the Keyboard Interactive and View Host Key dialogs could not be selected and/or copied. - Mac/Linux: When attempting to create a QuickSync or Synchronize session to a PureFTPd server, if the remote path specified was "/", the configuration failed due to a directory creation error. - Linux: When using SFXCL for an HTTP operation, the process could hang or crash on exit. - Linux: When connected to an Amazon S3 session, buckets in certain regions may not have been accessible. Changes in SecureFX 9.0 (Beta 2) -- October 20, 2020 ---------------------------------------------------- Bug Fixes: - When exporting the configuration to a file, if a folder name was specified instead of a filename, the export file was created using the folder name and the folder itself was renamed with a ".bak" extension. - When SecureCRT and SecureFX were installed as a combined installation (integrated) and the SecureFX Session Manager option "Show Terminal Sessions" was off, SecureCRT local shell sessions were still shown. - Windows: If some parent path component of the local window directory was not accessible to the user, the local window could not be interacted with and the main window could not be closed. Changes in SecureFX 9.0 (Beta 1) -- September 24, 2020 ------------------------------------------------------ New Features: - Added support for transferring files to and from Amazon S3. - Added the ability to specify public/private keys to load into SSH2 agent when SecureFX starts. - Added support for the rsa-sha2-256 and rsa-sha2-512 public-key algorithms (RFC 8332). - Added an option to have transferred files be timestamped by the destination server. - Added a global option to automatically remove files from the transfer queue after the transfer is finished. - Added the ability to use wildcard characters "*" and "?" in the Session Manager filter box. - SSH2: The host-key algorithms can now be specified and ordered in the Session Options dialog. - Windows: Added an administrative option that disallows a blank configuration passphrase. Changes: - SSH2: Removed support for several weak ciphers (Blowfish and RC4) and MACs (SHA1-96, MD5, and MD5-96). - HTTPS: When connecting to a VShell HTTPS server, the home directory defaults to the directory sent by VShell in a cookie. - When connecting to a ProFTPD mod_sftp server, SFTP version 3 is used by default. - Added the ability to reorder sessions in the Auto Session list. - In the Manage Agent Keys dialog, the fingerprint is displayed as SHA-2. - When IPv6 hostnames are displayed in tabs or the application title bar, the colons (":") are no longer replaced with underscores ("_"). - In the Global Options dialog, in the SSH Host Keys category, the Hostname and Port columns now sort logically instead of alphabetically. Bug Fixes: - SCP: When connected to a server that does not support a secondary channel open request, copying a file from one folder to another on the remote system could result in a hang. - Parallel transfers to a Microsoft IIS HTTP/S server could hang if the transfers were initiated by dragging multiple files to the remote session. - HTTPS: If a file or folder name contained certain characters (e.g., "#" or "%"), HTTPS operations on that file or folder failed. - HTTPS: When connecting to an HTTPS (WebDAV) server, if a failed authentication attempt was immediately followed with a successful attempt, the connection still failed. - HTTPS: When uploading a file to a restricted directory that would have resulted in an access denied error, the file transfer may have been reported as successful. - When attempting to connect to an ownCloud WebDav server, the initial connection and/or traversing the file system could have failed. - When the "Confirm overwrite" option was enabled, file uploads to the slimFTPd server could have failed. - Uploading a zero-byte file to certain FTPS servers could fail with a "Network connection does not exist" error. - If the "Disable directory tree detection" option was enabled, file or folder delete operations could fail. - When connecting to an FTP server on a Windows Embedded Compact (Windows CE) system, SecureFX did not auto-detect the operating system as Windows NT. - When transferring files to certain servers, SecureFX and SFXCL may not have used the ideal number of buffers, resulting in slower transfer speeds. - When connected to a Microsoft IIS HTTPS server, the root "/" directory may have been repeatedly displayed in the tree view. - When the "Display the log view" option was toggled while there were connected sessions, the change to the option was not saved or applied to the sessions. - Windows: If the internet connection was disconnected while downloading an available update via "Update Now...", the VanDykeUpdate application could crash. - Windows: When using CAPI to access a certificate located on a smart card and the CAPI store contained multiple certificates, there could be a delay before being prompted for the smart card pin. - Windows: On high DPI monitors with a large scaling factor set, text displayed on the Keyboard Interactive authentication prompt could have been cut off.