What's new in this version:
- When certain emulation functions received a large negative number as a parameter, it could have allowed the remote system to corrupt memory in the terminal process, potentially causing the execution of arbitrary code or a crash.
- If a script was launched from a button bar button or keymap shortcut and the script file could not be located, a misleading error was reported
- Mac: Attempting to authenticate using a YubiKey smartcard with the "opensc-pkcs11.so" library specified as the PKCS#11 provider resulted in an error, because the library could not be loaded.
- Mac: If the ZModem Upload List dialog was using the List view mode, which allows a folder to be expanded to display its contents, a file within an expanded folder could not be added to the upload list. Manager was expanded via the "Connect..." toolbar item, the Session Manager would briefly open, then immediately re-hide.
- Mac/Linux: If the Command Window option "Send Characters Immediately" was enabled, minimizing and restoring SecureCRT caused the option to be disabled
- Windows: Added an administrative policy that disallows the TFTP
server from being run
- The performance of keyword highlighting has been improved to be as fast as and in many cases, much faster, than version 8.5.
- SecureCRT now handles the Xterm "paste bracketing" escape sequence so that indentation is correct when indented text is pasted into an editor
- Added an optional "hide output" parameter to the Session Object Lock() method
- SSH2: When doing public-key authentication, if there is no corresponding private-key file without an extension and there is a private-key file with a .ppk extension, it will be used.
- TFTP: The TFTP server is off by default. However, when the TFTP server was running, SecureCRT was vulnerable to a directory traversal attack that allowed access to arbitrary files on the local system.
- When running a version of the Midnight Commander file manager that supports extended coordinate mouse clicks, mouse operations from within SecureCRT did not work
- When multiple screens were created using the "screen" utility, the scrollback from one screen could end up in the scrollback for a different screen
- When multiple screens were created using the "screen" utility, the man page output went to the scrollback buffer
- In the Manage Agent Keys dialog, the columns expanded every time the dialog opened, which eventually caused all column headers to disappear
- If two sessions were connected and then a session was sent to a new window, if the Hex view was opened, no data was displayed in the Hex view for the session
- The items "MENU_TOGGLE_KEYWORD_HIGHLIGHTING" and "MENU_CONNECT_LOCAL_SHELL" were not recognized when they were included in a custom .MNU file
- Windows: If folders were rearranged in the Command Manager, the folder order was not remembered when SecureCRT restarted
- Windows: If the Session Manager and Command Manager were unpinned (auto hide) and the Session Manager was pinned, the Command Manager became active
- Windows: Some of the arrow buttons in the Global and Session Options dialogs did not work correctly with screen readers, such as JAWS and NVDA
- SSH2: Keyboard-interactive authentication works with a prompt that contains "password" with any combination of upper and lower case letters (e.g., "Password" or "PASSWORD").
- When an editor (e.g., vi or vim) was used to edit a file on the remote system, the wrong line could have been deleted when the delete line command was sent
- When a session with an authentication banner reconnected, extra newlines were inserted after the banner
- Updated the version of Python that ships with SecureCRT to 2.7.16
- Windows: When using both the left and right mouse buttons to simulate a middle-button click, and the "Paste on middle button" option was enabled, the paste operation would not succeed
- Treat the [email protected] key-exchange algorithm as
- Synonymous to the curve25519-sha256 algorithm.
- Under certain circumstances, tiled session did not resize correctly after resizing the Command window.
- If the default session protocol was set to something other than TAPI and the Quick Connect protocol was changed to TAPI, attempting to configure TAPI produced an error.
- If the Screen.get2() scripting function was called, line drawing characters in the terminal window could be corrupted.
- When a large scrollback buffer was configured, the scroll bar could get stuck at the top of the scrollback.
- SecureCRT now prevents multiple Connect bars from being added to the toolbar.
- SSH2: If the public key in use was generated with the ssh-keygen Z option, SecureCRT could crash when attempting to enter the passphrase.
- When SecureCRT was maximized or full screen, if the font was zoomed in using CTRL+ or the mouse wheel, attempting to zoom out using CTRL- or the mouse wheel did not work.
- If Python 3.x was installed on the system and the PYTHONPATH variable was set, SecureCRT could fail to launch.
- When "Background colors" tab status indicators were used and enough sessions to fill the tab bar were connected, there was a significant lag when connecting new sessions or closing sessions.
- Added support for the curve25519-sha256 key-exchange algorithm.
- If an OpenSSH format key was manually added to the host key database, SecureCRT crashed when attempting to connect to a host that used that key.
- If the Session Manager was pinned and the active session had keyword highlighting on and it was toggled off by selecting "Keyword
- Highlighting" from the Options menu and then the Session Manager was hidden, keyword highlighting was re-enabled.
- Windows: In the Command Window, if the option "Send Characters
- Immediately" was set, pressing CTRL+A selected all the text in the
- Command Window instead of sending the CTRL+A to the session(s).
- Windows: When using the mouse wheel to scroll session output, there was a dead spot in the terminal area where scrolling stopped if the mouse cursor was positioned there.
- Windows: Attempting to display the Activator's About box caused an error message to be displayed.
- Mac/Linux: If the Session Manager was undocked and redocked, the terminal area size changed.
- Mac: SecureCRT could crash if a session had a dependent session and the wrong password had been saved for both sessions and the wrong password was entered when attempting to connect to the session.
- Mac: If CTRL+ was used to select multiple folders in the
- Session Manager or Connect dialog and then arrow keys were pressed, the selection could not be cleared.
- Linux: On Ubuntu 18.x, when running Midnight Commander, if CTRL+O was used to show and hide panels until there was no command prompt and then Midnight Commander was restarted as root and CTRL+O was used to hide panels, the command prompt was at the top of the window and new output was displayed incorrectly.
- Added a new script function FileSaveDialog() that allows saving to
- a file that does not exist.
- If the command line specified a saved session (/S) and overrode the local listening IP address (/LOCAL), an error was reported and the session did not connect.
- The button bar list was empty if button bars were imported when the button bar list was not displayed and then the button bar was displayed.
- Windows: On Windows Server 2008 R2, the icons in the Session Manager and Connect dialog were not drawn correctly.
- Windows: On a high-DPI monitor scaled to 125%, the 10-point Lucida
- Console font looked larger and bold compared to how that font looked in other applications.
- SecureCRT could crash if a new folder was created in the Session Manager or Connect dialog and there was at least one other folder under "Sessions" and then sorting was changed to manual arrangement and a session was dragged to be between the "Session" folder and the top folder