VShell(R) Server 4.7.1 (Official) -- May 12, 2022 Copyright (C) 1995-2022 VanDyke Software, Inc. All rights reserved. This file contains a VShell product history. It includes lists of new features, changes, and bug fixes sorted by release. For a product description, installation notes, registration, and contact information, please refer to readme.txt (downloaded with this package). Changes in VShell 4.7.1 (Official) -- May 12, 2022 -------------------------------------------------- Bug fixes: - Linux/Mac: Deny Hosts options that were not explicitly configured in the vshelld_config file were not set to the correct default values. Changes in VShell 4.7 (Official) -- April 26, 2022 -------------------------------------------------- No changes. Changes in VShell 4.7 (Beta 5) -- April 19, 2022 ------------------------------------------------ New features: - Mac: Added support for macOS Monterey. Changes: - Windows, SSH2: Public-key authentication now works when Windows is configured with additional protection for the Local Security Authority (LSA) process using the RunAsPPL option. - Mac: The ChrootUsers and ChrootGroups options are no longer supported (macOS Monterey). Bug fixes: - Windows: If a set of trigger actions were re-ordered after they were initially saved, the complete list of trigger actions was not included in a configuration export. - Linux/Mac: When configured to use a remote syslog server and the server was unreachable, connections to the server could become abnormally slow. Changes in VShell 4.7 (Beta 4) -- March 31, 2022 ------------------------------------------------ New features: - Windows: Added support for Windows Server 2022. Bug fixes: - If VShell was logging to a remote syslog server and the syslog server was shut down, it was necessary to restart the VShell service/daemon to re-establish the connection to the syslog server. - Windows: When exporting the configuration from the VShell Control Panel and an export filename was not specified, the export operation would hang until the command window was closed. Changes in VShell 4.7 (Beta 3) -- March 3, 2022 ----------------------------------------------- Bug fixes: - Windows: When managing a large Deny Hosts file from the VShell Control Panel, the initial display and filtering of entries were sluggish. - Linux/Mac: If VShell was logging to a remote syslog server and that server was not accessible when a VShell daemon was started, CPU usage would increase to 100%. Changes in VShell 4.7 (Beta 2) -- February 3, 2022 -------------------------------------------------- Bug fixes: - Under rare circumstances, if a client sent invalid data as part of the key-exchange process, VShell could crash. - Windows: During some types of VShell upgrades, the service configuration could be changed unexpectedly. Changes in VShell 4.7 (Beta 1) -- January 4, 2022 ------------------------------------------------- New features: - New options allow restriction of uploads according to file extension. - Idle timeout values for SSH2, FTPS, and HTTPS can now be subconfigured by location, user, or group. - The "Enable Sharing for SFTP Open" option can now be subconfigured for specific users, groups, or locations. - Windows, SFTP, FTPS, HTTPS: Added an option to not list system files. - Windows, SFTP, FTPS, HTTPS: Added an option to not list hidden files. - Windows: Added the ability to copy a trigger. - Windows: Added support for Windows 11. - Windows, SSH2/SFTP: For RADIUS authentication, added an option to strip the domain from the username. Changes: - In FIPS mode, digital signatures that use SHA-1 as the hashing algorithm can no longer be used because they are not allowed by the upgraded version of the FIPS library module. - For newly-generated RSA host keys, the minimum size is now 1024 bits. - When permissions of the internal database system user prevent a user's home directory from being automatically created, a message is logged. - Added an option to prevent clients from using ssh-rsa (SHA-1) as the algorithm for host key or publickey authentication. - HTTPS: Cookies now have the HttpOnly flag enabled. - HTTPS: Updated several of the jQuery libraries used, including update of jQuery UI to version 1.13.0. - HTTPS: Folder upload now works with mobile browsers. - HTTPS: The Login page no longer automatically capitalizes the username when a mobile browser is used. - HTTPS: When connected with Safari on an iOS device, a long click on a file or folder now displays the context menu. - HTTPS: When connected with Chrome on an Android device, double tapping (clicking) on a folder now opens the folder. - Windows: Added an option (registry-only) to check, after authentication, whether each and every virtual root is available. This option is on by default. - Windows: The VShell Control Panel now displays an error for an invalid SSH2 configuration with no key exchange algorithms. - Windows: In the VShell Control Panel, the Certificate Options page now appears under the Common Category. Bug fixes: - HTTPS: If the permissions for a virtual root were changed while there were active connections to the server, file access results for those connections could be inconsistent. - HTTPS: When the DELETE, PUT, or HEAD methods were disabled, VShell's response to the OPTIONS command would incorrectly indicate that they were all enabled. - HTTPS: Specifying an alternate log file folder using a subconfiguration did not change the destination to which HTTPS messages were written. - Windows: In the unusual case where a system issue prevents the server from impersonating the user while establishing the virtual file system, the server could crash. - Windows: When using VShellConfig to export the configuration using the "virtual-roots" include directive and any virtual roots impersonate a user, credentials are no longer exported unless the "saved-credentials" option is specified. - Windows: When importing a configuration with an internal user database, any internal database users/groups were omitted from the imported ACLs. - Windows: When an LDAP server was used for authentication, connections could be counted incorrectly for the per-user connection limit. - Windows: When connected to an LDAP server with over 1000 users or groups, all the users or groups may not have been displayed. - Windows: The VShellConfig "sftp add" command could be used to unexpectedly create a virtual root with an empty path. - Windows: In the unusual case that a virtual root was created with an empty path, it was treated as an "" virtual root. - Windows: In some cases, the VShell Control Panel could crash if a user was added to the Access Control or SFTP Commands pages but no permissions were selected before switching to a different page. - Windows: When configuring a remote SFTP virtual root to a remote server that only supported the Diffie-Hellman Group Exchange key exchange algorithm, the connection would fail. - Windows: If the configured RADIUS server was inaccessible during a RADIUS authentication attempt, a VShell service restart was required after the RADIUS server was reachable again. - Linux/Mac: If configured to log to a remote Syslog server, when a client disconnected some messages would not sent to the Syslog server and an error about "The specified network name is no longer available" would be written to the VShell log. - Linux/Mac: When using a vshell.lic file that included the demarcation lines for the start or end of a license block, VShell would fail to parse the actual license data.