What's new in SecureCRT 9.0.2 Build 2496
May 20, 2021
- Change:
- Windows: The Scratchpad and Script Editor now honor the "Use ClearType to smooth edges of screen fonts" global option.
- Bug Fixes:
- When connected to a host using TN3270 emulation, if the current partition was unformatted, the SETBUFFERADDRESS command was unexpectedly included in SecureCRT's response.
- Windows: If a session was configured to use a firewall that prompted for credentials, and that session was configured to automatically connect at application startup, SecureCRT crashed.
- Windows: Under certain circumstances, when opening the Session Manager, some folders may not have been expandable.
- Windows: When authenticating with a PKCS#11 certificate with certain signature algorithms, the key may not have been added to the SSH agent.
- Windows: Under certain environments, when connecting to an RDP session, the remote display would not scale to match the local desktop.
- Mac/Linux: If a log file was initially created with the "Append to file" logging option enabled, Unicode characters may not have been logged correctly.
New in SecureCRT 9.0.1 Build 2451 (Mar 19, 2021)
- Change:
- Restored the ability to use the SHA1-96 and MD5-96 MACs.
- Bug Fixes:
- If a script that made a connection was specified on the command line, a "script is currently running" error was incorrectly reported. The script did run after the dialog was dismissed.
- When performing a "Find" operation in the terminal view, if the end of the buffer was reached, the search direction could not be reversed.
- Windows: When a disconnected RDP session tab was reused by a new RDP connection, the title bar text was not updated.
- Mac/Linux: If the Session Manager was docked and not auto-hidden, sessions could have appeared as duplicated when SecureCRT was launched.
- Mac/Linux: Under certain scenarios, opening a tab in a new tab group caused the terminal view to be blank.
New in SecureCRT 9.0.0 Build 2430 (Feb 19, 2021)
- Bug Fixes:
- When a script was specified on the SecureCRT command line, the error "script is currently running" was incorrectly reported. The script did run after the dialog was dismissed.
- Windows: If a user was denied remote desktop access on the target system, connecting with an RDP session silently failed without reporting the system error.
New in SecureCRT 8.7.3 Build 2279 (Aug 12, 2020)
- Bug fixes:
- When the sample ANSI color palette was shown for a color scheme, the colors displayed did not match the descriptive text for the color (e.g., "ANSI Red" text was displayed using the green color).
- The display of certain Unicode characters (e.g., emojis) inthe terminal could have caused other characters to appear as clipped.
- Mac/Linux: Text displayed on the Keyboard Interactive and View Host Key dialogs could not be selected or copied.
- Mac/Linux: When enabling logging via the File menu, connecting to a session caused logging to be toggled off.
New in SecureCRT 8.7.2 Build 2214 (May 15, 2020)
- Vulnerabilities addressed:
- When certain emulation functions received a large negative number as a parameter, it could have allowed the remote system to corrupt memory in the terminal process, potentially causing the execution of arbitrary code or a crash.
- Bug fixes:
- If a script was launched from a button bar button or keymap shortcut and the script file could not be located, a misleading error was reported.
- Mac: Attempting to authenticate using a YubiKey smartcard with the "opensc-pkcs11.so" library specified as the PKCS#11 provider resulted in an error, because the library could not be loaded.
- Mac: If the ZModem Upload List dialog was using the List view mode, which allows a folder to be expanded to display its contents, a file within an expanded folder could not be added to the upload list. Manager was expanded via the "Connect..." toolbar item, the Session Manager would briefly open, then immediately re-hide.
- Mac/Linux: If the Command Window option "Send Characters Immediately" was enabled, minimizing and restoring SecureCRT caused the option to be disabled.
New in SecureCRT 8.7.1 Build 2171 (Mar 19, 2020)
- Changes:
- The performance of keyword highlighting has been improved to be as fast as and in many cases, much faster, than version 8.5.
- SecureCRT now handles the Xterm "paste bracketing" escape sequence so that indentation is correct when indented text is pasted into an editor.
- Added an optional "hide output" parameter to the Session Object Lock() method.
- SSH2: When doing public-key authentication, if there is no corresponding private-key file without an extension and there is a private-key file with a .ppk extension, it will be used.
- Mac/Linux: When ENTER is pressed on a folder in the Session Manager, it is expanded or collapsed. Previously, all the sessions in the folder were connected.
- Vulnerability addressed:
- TFTP: The TFTP server is off by default. However, when the TFTP server was running, SecureCRT was vulnerable to a directory traversal attack that allowed access to arbitrary files on the local system.
- Bug fixes:
- When running a version of the Midnight Commander file manager that supports extended coordinate mouse clicks, mouse operations from within SecureCRT did not work.
- When multiple screens were created using the "screen" utility, the scrollback from one screen could end up in the scrollback for a different screen.
- When multiple screens were created using the "screen" utility, the man page output went to the scrollback buffer.
- In the Manage Agent Keys dialog, the columns expanded every time the dialog opened, which eventually caused all column headers to disappear.
- If two sessions were connected and then a session was sent to a new window, if the Hex view was opened, no data was displayed in the Hex view for the session.
- The items "MENU_TOGGLE_KEYWORD_HIGHLIGHTING" and "MENU_CONNECT_LOCAL_SHELL" were not recognized when they were included in a custom .MNU file.
- Mac/Linux: In the Session Manager, when attempting to give a folder a name that conflicted with an existing folder name, the original or default name was used, instead of allowing a different name to be specified.
New in SecureCRT 8.7.0 Build 2143 (Feb 12, 2020)
- Change:
- SSH2: Keyboard-interactive authentication works with a prompt that contains "password" with any combination of upper and lower case letters (e.g., "Password" or "PASSWORD").
- Bug fixes:
- When an editor (e.g., vi or vim) was used to edit a file on the remote system, the wrong line could have been deleted when the delete line command was sent.
- When a session with an authentication banner reconnected, extra newlines were inserted after the banner.
New in SecureCRT 8.5.4 Build 1942 (May 31, 2019)
- Changes:
- Updated the version of Python that ships with SecureCRT to 2.7.16.
- Bug Fixes:
- Mac: When opening certain dialogs (e.g., Session Options), the dialog may have opened in the upper left corner of the monitor, instead of centered over the main window.
New in SecureCRT 8.5.3 Build 1867 (Feb 13, 2019)
- Change:
- Treat the [email protected] key-exchange algorithm as synonymous to the curve25519-sha256 algorithm.
- Bug fixes:
- Under certain circumstances, tiled session did not resize correctly after resizing the Command window.
- If the default session protocol was set to something other than TAPI and the Quick Connect protocol was changed to TAPI, attempting to configure TAPI produced an error.
- If the Screen.get2() scripting function was called, line drawing characters in the terminal window could be corrupted.
- When a large scrollback buffer was configured, the scroll bar could get stuck at the top of the scrollback.
- SecureCRT now prevents multiple Connect bars from being added to the toolbar.
- SSH2: If the public key in use was generated with the ssh-keygen -Z option, SecureCRT could crash when attempting to enter the passphrase.
- Mac/Linux: The Session Manager was always shown at startup even if it was closed prior to closing SecureCRT.
- Mac/Linux: If a logon script was running in a session and a large amount of output was received, not all of the output was displayed.
- Mac/Linux: If a script was launched using a mapped key, the menu item "Cancel" was not available on the Script menu.
- Mac: If the global options "Paste on middle button" was set, the Confirm Paste dialog continued to be displayed after the Cancel button was pressed.
- Mac: The Zmodem Upload List browse dialog did not honor Chinese characters.
- Mac: When using a Wacom tablet and stylus as the mouse, the mouse pointer would not always reappear in the expected location.
- Mac: If text with trailing newlines was pasted into the Connect bar, the text was not visible.
New in SecureCRT 8.5.2 Build 1799 (Nov 23, 2018)
- New feature:
- Added support for the curve25519-sha256 key-exchange algorithm.
- Bug fixes:
- If an OpenSSH format key was manually added to the host key database, SecureCRT crashed when attempting to connect to a host that used that key.
- If the Session Manager was pinned and the active session had keyword highlighting on and it was toggled off by selecting "Keyword Highlighting" from the Options menu and then the Session Manager was hidden, keyword highlighting was re-enabled.
- Mac/Linux: If the Session Manager was undocked and redocked, the terminal area size changed.
- Mac: SecureCRT could crash if a session had a dependent session and the wrong password had been saved for both sessions and the wrong password was entered when attempting to connect to the session.
- Mac: If CTRL+ was used to select multiple folders in the Session Manager or Connect dialog and then arrow keys were pressed, the selection could not be cleared.
New in SecureCRT 8.5.1 Build 1764 (Sep 28, 2018)
- New feature:
- Added a new script function FileSaveDialog() that allows saving to a file that does not exist.
- Bug fixes:
- If the command line specified a saved session (/S) and overrode the local listening IP address (/LOCAL), an error was reported and the session did not connect.
- The button bar list was empty if button bars were imported when the button bar list was not displayed and then the button bar was displayed.
- Mac: After successfully updating using "Update Now" once, SecureCRT could not be updated again using "Update Now".
- Mac: The dialog for customizing the toolbar was displayed over the toolbar so that items could not be dragged into the toolbar.
- Change:
- Mac: Dark Mode is disabled due to incompatibilities with MacOS 10.14 (Mojave).
New in SecureCRT 8.5.0 Build 1740 (Aug 28, 2018)
- Bug fix:
- SecureCRT could crash if a new folder was created in the Session Manager or Connect dialog and there was at least one other folder under "Sessions" and then sorting was changed to manual arrangement and a session was dragged to be between the "Session" folder and the top folder.
New in SecureCRT 8.5.0 Build 1731 Beta 5 (Aug 16, 2018)
- Bug fixes:
- Mac: When SecureCRT and SecureFX were integrated, if both SecureCRT and SecureFX were running and connected to a session and then SecureCRT was launched from SecureFX, the current session was opened in a tab in the SecureCRT window and in a new SecureCRT window.
- Mac: SecureCRT could, under rare circumstances, crash when "Page Setup" was selected from the File menu.
New in SecureCRT 8.5.0 Build 1724 Beta 4 (Aug 9, 2018)
- Bug fixes:
- Scripts specified in custom keymaps and mapped keys were not included when settings were exported and imported.
- The Beta expiration notice was displayed more frequently than it should have been when SecureCRT was not closed and other instances of SecureCRT were started/opened/launched.
- Mac: If settings were exported to a network share (SMB), the XML file was blank.
- Mac: If a session was imported from another platform and the session's font did not exist on MacOS, the terminal text was not displayed correctly.
- Mac: When a session was configured to use GSSAPI authentication, if GSSAPI authentication failed, a warning dialog to this effect was still displayed when "Do not show this message again" was checked.
- Mac: When the Confirm Multi-Line Paste dialog was displayed, focus was in the edit box instead of on the Paste button.
New in SecureCRT 8.5.0 Build 1707 Beta 3 (Jul 20, 2018)
- Bug fix:
- When the script recorder was used to generate a Python script, escape characters [chr(92)] were not included in the script.
New in SecureCRT 8.3.4 Build 1699 (Jul 13, 2018)
- Bug fix:
- When the script recorder was used to generate a Python script, escape characters [chr(92)] were not included in the script.
New in SecureCRT 8.5.0 Build 1689 Beta 1 (Jul 6, 2018)
- New features:
- Added a Button Bar Manager, which allows button bars to be added, duplicated, edited, deleted, and arranged manually or alphabetically.
- Added a Button Manager, which allows buttons on a button bar to be rearranged, edited, added, deleted, copied, and pasted.
- Added the ability to rename button bars.
- Button bars can be duplicated from the button bar context menu and in the Button Bar Manager.
- Added the ability to map a button or key to a button bar, making it easier to switch between different button bars.
- The text in the multi-line paste confirmation dialog can be edited before it gets pasted into a session.
- The multi-line paste confirmation dialog can be resized.
- Added the ability to save sessions that were created using Quick Connect, the Connect bar, or the command line.
- Added a new Script status indicator so that tabbed and tiled sessions can indicate that a script is running.
- Added a global option to disable all printing.
- Added a global option that allows the Command window to be configured to send commands to all sessions, visible sessions, or the active session by default.
- Added the ability to make the width of session tabs a fixed number of pixels.
- Added support for the SHA2-512-EtM and SHA2-256-EtM MACs.
- ssh-add can be used to add keys from a remote Linux, Unix, or Mac system to SecureCRT's agent using agent forwarding.
- Added the ability to specify the quote character(s) to be used for the "Paste as Quotation" operation.
- Added a global option to prevent numbers from being appended to tabbed or session names when the same session is connected more than once.
- Added "Reset Name" to the tab/tile context menu, which resets the tabbed or tiled session name back to the session's name or title specified in the Session Options dialog.
- Added the ability to toggle keyword highlighting from the Options menu.
- When a session is copied in the Session Manager or Connect dialog, the session's hostname is put in the clipboard so that it can be pasted into a session or other applications. The session can still be pasted into the Session Manager or Connect dialog.
- Added a global option to disable ALT+ tab switching.
- Added a global option for triple clicking to include the EOL character in the selection.
- Sorting on columns is supported in all list controls that have columns.
- Added a session INI-file-only option "Keyboard Interactive Prompt" that allows the expected prompt for keyboard-interactive authentication to be specified.
- Added a command-line flag /KEYBOARDINTERACTIVEPROMPT that allows the keyboard interactive prompt to be specified for SSH2 sessions.
- Added a global INI-file-only option "TFTP Resend Timeout" that allows the resend timeout for the TFTP server to be configured.
- Mac: Added a global option to automatically set locale environment variables for the local shell. This option is on by default.
- Changes:
- Because of an update to a cryptographic library used by SecureCRT, newly generated DSA keys are now restricted to 1024 bits.
- In the Public Key Properties dialog, the "Use identity or certificate file" field can be left blank.
- The Full Reset and Soft Terminal Reset escape sequences are now honored with Linux, VShell, VT220, VT320, and Xterm emulations.
- The DECSUSR escape sequences to change the cursor style are now honored in Xterm emulation.
- Preceding and trailing whitespace is removed from hosts entered in the Connect bar.
- Made it easier to specify xterm-256color emulation in the Session Options dialog.
- Added base color support for TN3270 emulation.
- If the global option to paste on press of middle mouse button is set, the middle mouse button can be used to paste into the Command window.
- An optional confirmation dialog is displayed on the "Paste as Quotation" operation.
- If the session option "Forward X11 packets" is set and no X server is running on the local machine, a warning dialog is no longer displayed.
- If the session options "Automate logon" and "Send initial carriage return" are set and no Send strings are specified, the initial carriage return is sent when the session connects.
- The session option "Disable initial SFTP extensions" can now be configured in the GUI.
- The local and remote port forwarding fields in the Session Options dialog have been made taller so that more configured port forwards are visible.
- Added the ability to specify the terminal type on the command line using the flag /TERMINAL_TYPE.
- When the options /COLOR_SCHEME and /T are used on the command line, the color scheme is only applied to the session specified by /T.
- SSH1/SSH2: If the option "Do not request a shell" is set, a message to that effect is displayed in the session.
- Windows: For the VS2018 Dark theme, the active tab's color was lightened so that it would stand out more.
- Windows: The close button for the "Native" display theme is now a plain "X".
- Mac: The Expose (Command+Shift+) behavior has been disabled.
- Mac: The Command window can now be resized to be as small as one line tall.
- Bug fixes:
- If two instances of SecureCRT were running and the Global Options dialog was displayed in one instance and the Session Options dialog was displayed in the other, if changes were made in the Global Options dialog and saved, SecureCRT crashed when attempting to select a different category in the Session Options dialog.
- In the Session Manager or Connect dialog, if a folder was renamed to have a name that was too long for the local system, the sessions contained in the folder were deleted.
- SecureCRT hung when running a Python script that called crt.Screen.Send("