What's New

VShell FTPS and the OpenSSL Heartbleed Vulnerability

VShell 4.0.2 has been released to address the Heartbleed vulnerability.

This information applies only to VShell FTPS versions. VShell (SSH2/SFTP), regardless of platform and version, is not affected by the Heartbleed vulnerability because it does not provide FTPS connectivity.

VShell FTPS for Windows has never used OpenSSL. VShell FTPS for Windows is not affected by the Heartbleed vulnerability.

VShell FTPS for supported UNIX platforms uses OpenSSL for FTPS protocol support. Depending on the platform, VShell FTPS for UNIX may or may not be vulnerable to the Heartbleed vulnerability:

On Mac OS X, VShell FTPS 4.0.0 and 4.0.1 uses and ships with a version of OpenSSL that is vulnerable to the Heartbleed bug. The VShell 4.0.2 maintenance release will address this by shipping with a version of OpenSSL (1.0.1g) that contains the fix for the Heartbleed bug. Besides 4.0.0 and 4.0.1, no other VShell versions are affected on the Mac OS X platform.

On AIX 7.1, Ubuntu 12/13, and RHEL 6, VShell FTPS dynamically links OpenSSL version 1.0.1. This means that vshell-ftpsd will load the version of OpenSSL 1.0.1 that is installed on the system. On these platforms, it is highly recommended that the OpenSSL version be upgraded to the non-vulnerable 1.0.1g version. Upgrading VShell is not necessary on these platforms, but vshell-ftpsd will need to be restarted after an OpenSSL upgrade so the non-vulnerable version will be loaded.

On all other UNIX platforms, VShell FTPS is using OpenSSL version 0.9.8 or 1.0.0, neither of which is affected by the Heartbleed vulnerability.

In addition to upgrading VShell or OpenSSL on vulnerable systems, it is recommended that any SSL certificates used by VShell FTPS be regenerated and user passwords should be changed.

For more information, please visit the VanDyke Software Security Advisory page.

Download the VShell 4.0.2 maintenance release.

For a complete list of changes, please see the history file:

VShell 4.0.2 (Official) History File

Send us your feedback! Email your questions, requests, or bug reports to support@vandyke.com.

New 7.2.3 versions of SecureCRT® and SecureFX® Released Today

New maintenance releases of SecureCRT and SecureFX are available for download.

The 7.2.3 release addresses issues found in version 7.2.2, including a bug that could cause SecureCRT for Windows to crash when the Session Manager toolbar button was pressed.

To improve functionality, if you have installed 7.2.2 we recommend that you install 7.2.3.

Find out more about the 7.2.3 Official releases here:

For a complete list of changes, please see the product history files:

You can download any of the 7.2.3 official releases from the download page.

We want to hear your feedback.  Send questions, requests, or bug reports to support@vandyke.com.

7.2.2 Maintenance Releases of SecureCRT® and SecureFX® Now Available

New maintenance releases of SecureCRT and SecureFX are available for download.  These releases address issues found version 7.2.1.

SecureCRT 7.2 and SecureFX 7.2 have a dockable session manager (Windows only), a personal data folder, and SHA-2 MAC algorithm support.

SecureCRT 7.2 adds a zoom session (Windows and Mac only), an execute local shell command, and a number of time-saving scripting enhancements.

SecureFX 7.2 provides SCP support for Cisco and Juniper devices, an option to automatically synchronize files, and an option to force ASCII or binary to be used for all files.

Find out more about the 7.2.2 Official releases:

Please see the history files for a complete list of changes:

You can download any of the 7.2.2 official releases from the download page.

We want to hear your feedback.  Send questions, requests, or bug reports to support@vandyke.com.

Maintenance Release of VShell 4.0.1 Now Available

A new maintenance release of VShell 4.0.1 is now available for download.

VShell 4.0.1 for Windows allows for fine-grained control of triggers, including support for multiple triggers of the same type, user/group and virtual root trigger conditions, multiple actions for each trigger, and new built-in actions for sending email and copying/moving files.  The internal user database on Windows now allows access to all VShell services, including shell, remote exec, and port forwarding, in addition to file transfer.

For a complete list of changes, please see the history file:

VShell 4.0.1 (Official) History File

You can read more about the new capabilities in VShell 4.0.1 here:

VShell 4.0.1 (Official)

Send us your feedback!  Email your questions, requests, or bug reports to support@vandyke.com.

 

Next Page »