SecureCRT 3.0.1 - App Store

SecureCRT version 3.0.1

Updated At: 2023-12-21

Changes: Dec 21, 2023 Version 3.0.1 Changes in SecureCRT 3.0.1 -------------------------- Vulnerability Fix: - SSH2: For some algorithms, an attacker can manipulate the packets sent during key exchange to cause some packets to be removed, which compromises channel integrity. A "Strict KEX" extension was implemented to address this vulnerability (CVE-2023-48795). In order to use the "Strict KEX" extension, the extension must be supported by both the client and the server. Bug Fixes: - On iOS 17, when a text selection was started in the terminal view, SecureCRT may have crashed. - On iOS 17, if the backspace key was held down while focus was in the terminal, the key did not repeat. - On iOS 16, when scrolling into the scrollback buffer in a session configured with a large font size, scrolling back down to the prompt may have failed. - If the public key specified for a session contained a "." in the filename, an error that the private-key file could not be found was reported.

SecureCRT version 2.5.2

Updated At: 2023-09-05

Changes: Sep 5, 2023 Version 2.5.2 Changes in SecureCRT 2.5.2 -------------------------- Change: - The keyboard function key view now includes the F11 and F12 keys. Bug Fix: - When scrolling through data in the scrollback, the view may have jumped to the very top or very bottom of the view.

SecureCRT version 2.5.1

Updated At: 2023-03-02

Changes: Mar 2, 2023 Version 2.5.1 Changes in SecureCRT 2.5.1 -------------------------- Bug Fixes: - When importing a private key that was passphrase protected, SecureCRT could hang. - In certain cases, importing a configuration archive file silently failed.

SecureCRT version 2.4.3

Updated At: 2021-12-13

Changes: Dec 13, 2021 Version 2.4.3 Changes in SecureCRT 2.4.3 -------------------------- Bug Fixes: - When using a mouse pointer (or potentially other pointer devices) within the terminal view, SecureCRT crashed. - If the session Firewall page was displayed while the session had an invalid name specified, SecureCRT could crash. - When prompted to import a configuration file that was placed on the device, SecureCRT could hang. - On certain devices, when connecting to a session that did not have a hostname specified, SecureCRT could hang. - On certain devices, when importing a private key, SecureCRT could hang. - On certain devices, when creating a public key with a name of an existing key, SecureCRT could hang. - On certain devices, if an email client has not been setup and the "Email Public Key" option is selected, SecureCRT could hang. - On certain devices, when attempting to create a firewall with an invalid name, SecureCRT could hang. - When the Session Options page was displayed and the device was rotated between landscape and portrait orientation, some of the option fields may have been cut off. - When multiple sessions were connected and the visible session was closed due to the "Close on Disconnect" option being enabled, the text in the remaining session's view may have been hidden. - On certain devices, when importing a private key, the passphrase field may have been obscured by a "Strong Password" label.

SecureCRT version 2.4.2

Updated At: 2021-10-21

Changes: Oct 21, 2021 Version 2.4.2 Changes in SecureCRT 2.4.2 -------------------------- Bug Fixes: - On certain devices (e.g., iPhone 13 Pro), SecureCRT could hang at startup. - On certain devices, when the "Confirm Disconnect" prompt was displayed, SecureCRT could hang. - On certain devices, when attempting to save a session with an invalid name, SecureCRT could hang. - When an error dialog was displayed from the configuration passphrase interface, SecureCRT could hang. - When generating or importing a public key and the specified passphrases did not match, SecureCRT could hang. - If the Session Firewall page was displayed while the session had an invalid name specified, SecureCRT could crash.

SecureCRT version 2.4.1

Updated At: 2021-09-29

Changes: Sep 29, 2021 Version 2.4.1 Changes in SecureCRT for iOS 2.4.1 ---------------------------------- Bug Fix: - On iOS 15, SecureCRT crashed when attempting to make a connection.

SecureCRT version 2.4.0

Updated At: 2020-10-09

Changes: 9 Oct 2020 Version 2.4.0 Changes in SecureCRT for iOS 2.4 -------------------------------- New features: - Added support for Dark Mode. - Added support for SSH agent and OpenSSH agent forwarding. - Added support for TVI925 and TVI910 emulations. - SSH2: Added support for the diffie-hellman-group14-sha256, diffie-hellman-group16-sha512, and diffie-hellman-group18-sha512 key-exchange algorithms. Changes: - When single and double quotes are typed into a session, they are not converted to smart quotes. - Added support for ANSI_SC and ANSI_RC escape sequences to Xterm emulation. - Added support for the ECMA-48 REP (repeating character) Xterm escape sequence. This escape sequence indicates the previous character in the data stream should be repeated "n" times. - SecureCRT now handles the Xterm "paste bracketing" escape sequence so that indentation is correct when indented text is pasted into an editor. - If a firewall name is changed, any sessions using that firewall are updated with the new firewall name. - When generating a new key, the default is now RSA. - When generating a new RSA key, the default size is now 3072 bits. - When SecureCRT is attempting to automatically reconnect a session after its connection has been lost, if the reconnect takes more than one attempt, the reconnecting message is updated in the terminal instead of being displayed again. - When connecting to a ProFTPD mod_sftp server, SFTP version 3 is used by default. - SSH2: Removed support for several weak ciphers (Blowfish, 3DES, RC4) and MACs (SHA1-96, MD5, and MD5-96). - SSH2: When doing public-key authentication, if there is no corresponding private-key file without an extension and there is a private-key file with a .ppk extension, it will be used. - SSH2: Keyboard-interactive authentication works with a prompt that contains "password" with any combination of upper and lower case letters (e.g., "Password" or "PASSWORD"). Vulnerabilities addressed: - When certain emulation functions received a large negative number as a parameter, it could have allowed the remote system to corrupt memory in the terminal process, potentially causing the execution of arbitrary code or a crash. Bug fixes: - When a session was configured to use another session as a jump host, connecting to that session resulted in a crash. - Connecting to a session using a floating virtual keyboard with the accessory view shown caused SecureCRT to crashed. - Using an external mouse could cause SecureCRT to crash. - When using an external mouse, selecting text in the terminal sometimes did not work as expected. - When an external keyboard was used, the shortcut bar obscured the last line in the session. - When multiple dashes (-) were entered, they were converted to a non-ASCII character if Smart Punctuation was on. - When the Backspace key was pressed repeatedly to delete characters, sometimes display artifacts were left behind. - With certain iPhone models (X, XS, XS Max, 11, 11 Pro, and 11 Pro Max), the application display area was cut off by the notch. - On iOS devices with the notch, when two sessions were open in portrait mode and the device was rotated to landscape mode, the session was partially hidden by the notch. - On an iPhone XS Max, when a session was in portrait orientation and there was enough data in the scrollback buffer for the scroll bar to appear, if the screen was rotated to landscape orientation, the scroll bar was not positioned in the correct location. - When multiple lines of text were selected in a session and the session was scrolled vertically, sometimes the selection rectangle appeared in two different locations. - The display of certain Unicode characters (i.e., emojis) in the terminal, could have caused other characters to appear as clipped. - When attempting to connect to an ownCloud WebDav server, the initial connection and/or traversing the file system could have failed.

SecureCRT version 2.4.0

Updated At: 2020-10-09

Changes: Oct 9, 2020 Version 2.4.0 Changes in SecureCRT for iOS 2.4 -------------------------------- New features: - Added support for Dark Mode. - Added support for SSH agent and OpenSSH agent forwarding. - Added support for TVI925 and TVI910 emulations. - SSH2: Added support for the diffie-hellman-group14-sha256, diffie-hellman-group16-sha512, and diffie-hellman-group18-sha512 key-exchange algorithms. Changes: - When single and double quotes are typed into a session, they are not converted to smart quotes. - Added support for ANSI_SC and ANSI_RC escape sequences to Xterm emulation. - Added support for the ECMA-48 REP (repeating character) Xterm escape sequence. This escape sequence indicates the previous character in the data stream should be repeated "n" times. - SecureCRT now handles the Xterm "paste bracketing" escape sequence so that indentation is correct when indented text is pasted into an editor. - If a firewall name is changed, any sessions using that firewall are updated with the new firewall name. - When generating a new key, the default is now RSA. - When generating a new RSA key, the default size is now 3072 bits. - When SecureCRT is attempting to automatically reconnect a session after its connection has been lost, if the reconnect takes more than one attempt, the reconnecting message is updated in the terminal instead of being displayed again. - When connecting to a ProFTPD mod_sftp server, SFTP version 3 is used by default. - SSH2: Removed support for several weak ciphers (Blowfish, 3DES, RC4) and MACs (SHA1-96, MD5, and MD5-96). - SSH2: When doing public-key authentication, if there is no corresponding private-key file without an extension and there is a private-key file with a .ppk extension, it will be used. - SSH2: Keyboard-interactive authentication works with a prompt that contains "password" with any combination of upper and lower case letters (e.g., "Password" or "PASSWORD"). Vulnerabilities addressed: - When certain emulation functions received a large negative number as a parameter, it could have allowed the remote system to corrupt memory in the terminal process, potentially causing the execution of arbitrary code or a crash. Bug fixes: - When a session was configured to use another session as a jump host, connecting to that session resulted in a crash. - Connecting to a session using a floating virtual keyboard with the accessory view shown caused SecureCRT to crashed. - Using an external mouse could cause SecureCRT to crash. - When using an external mouse, selecting text in the terminal sometimes did not work as expected. - When an external keyboard was used, the shortcut bar obscured the last line in the session. - When multiple dashes (-) were entered, they were converted to a non-ASCII character if Smart Punctuation was on. - When the Backspace key was pressed repeatedly to delete characters, sometimes display artifacts were left behind. - With certain iPhone models (X, XS, XS Max, 11, 11 Pro, and 11 Pro Max), the application display area was cut off by the notch. - On iOS devices with the notch, when two sessions were open in portrait mode and the device was rotated to landscape mode, the session was partially hidden by the notch. - On an iPhone XS Max, when a session was in portrait orientation and there was enough data in the scrollback buffer for the scroll bar to appear, if the screen was rotated to landscape orientation, the scroll bar was not positioned in the correct location. - When multiple lines of text were selected in a session and the session was scrolled vertically, sometimes the selection rectangle appeared in two different locations. - The display of certain Unicode characters (i.e., emojis) in the terminal, could have caused other characters to appear as clipped. - When attempting to connect to an ownCloud WebDav server, the initial connection and/or traversing the file system could have failed.

SecureCRT version 2.3.1

Updated At: 2018-12-10

Changes: Dec 10, 2018 Version 2.3.1 This version adds support for the curve25519-sha256 key-exchange algorithm and addresses a couple of display orientation bugs. Changes in SecureCRT for iOS 2.3.1 ---------------------------------- New features: - Added support for the curve25519-sha256 key-exchange algorithm. Bug fixes: - When an iPad was in landscape orientation, the item labels in the Session Options were truncated. - If a session was connected and the built-in keyboard was shown on an iPhone XS and Space was pressed to show the extended keys toolbar, rotating between portrait and landscape orientation caused the the extended keys toolbar to be hidden. We want your feedback. Please send your feature requests and bug reports to [email protected].

SecureCRT version 2.0.1

Updated At: 2014-10-25