The 6.4.6 releases contain the following special features:
- Tectia Client and Server: support for Windows 2012 R2
- Tectia Server: "Load control", a connection flood DoS attack
mitigation feature that uses a white list of IP addresses.
All released products also include bug fixes and minor features.
The following includes a summary of the release notes for each product.
Tectia Client
New Features:
-
Windows: Added support for Windows Server 2012 R2 for Tectia Client and Server.
-
Windows: Updated the certificate used for signing the Windows packages. Note that the new certificate uses SHA-2 to verify its signature. Microsoft XP with Service Pack 2 does not support SHA-2 and therefore cannot guarantee the integrity of the certificate (KB968730). For Microsoft Windows Server 2003 with Service Pack 2, to validate the certificate, apply the hotfix to KB968730.
Bug Fixes:
-
All Platforms: Newline conversions in Tectia file transfer clients no longer
fail to work when transferring files to a VShell Server (VanDyke).
-
All Platforms: File transfers from Tectia Clients no longer crash when
transferring files in ASCII mode to a VShell Server (VanDyke).
-
All platforms: Fixed a potential memory corruption when transferring files
recursively and using a configuration file to specify the file transfer
advice strings.
-
Windows: Fixed the display of certain incorrect error messages.
-
Windows: GSSAPI authentication no longer fails in certain conditions when
the security authentication package is too large.
-
Windows: Users are now able to authenticate via GSSAPI when using the host
name, the fully qualified domain name or an IP address to define the
destination server.
-
Windows: It is now possible to set GSSAPI ticket forwarding using the
Tectia Connections Configuration GUI.
-
Windows: Fixed a bug in sshg3 which caused occasional hangs when run on
Windows 8.
Tectia Server
New Features:
-
All platforms: Implemented "load control", a connection flood DoS attack
mitigation feature that uses a white list of IP addresses. The feature
attempts to keep Tectia Server up and running in the face of a Denial of
Service attack that tries to use so much of the server's resources that
normal service would be disrupted.
-
Windows: Added support for Windows Server 2012 R2 for Tectia Client and Server.
-
Windows: Updated the certificate used for signing the Windows packages.
Note that the new certificate uses SHA-2 to verify its signature. Microsoft
XP with Service Pack 2 does not support SHA-2 and therefore cannot guarantee
the integrity of the certificate (KB968730). For Microsoft Windows Server
2003 with Service Pack 2, to validate the certificate, apply the hotfix
to KB968730.
-
Windows: Local tunneling constraints obtained via an external application
can now be configured using the Tectia Server Configuration GUI.
Bug Fixes:
-
All Platforms: Fixed a deadlock that occurred in Tectia Server under stress
when using the Tectia Mapper Protocol.
-
All platforms: Fixed a bug in Tectia Server that was causing the
ssh-servant-g3 process to crash under stress.
-
All Platforms: Improved Tectia Server's stability under stress.
-
Unix: When configuring GSSAPI authentication, the dll-path parameter is no
longer ignored.
-
Windows: Improved error handling related to domain user authentication
when there is a one-way trust relationship between the domain of the host
and the domain of the user.
-
Windows: Fixed the display of certain incorrect error messages.
-
Windows: RSA SecurID authentication no longer fails when aceclnt.dll is
specified in the Tectia Server configuration file, but not in the system's
path.
-
Windows: GSSAPI authentication no longer fails in certain conditions when
the security authentication package is too large.
-
Windows: Users are now able to authenticate via GSSAPI when using the host
name, the fully qualified domain name or an IP address to define the
destination server.
-
Windows: Fixed a memory leak that occurred in Tectia Server under certain
conditions when authenticating domain users.
-
Windows: Fixed a bug in Tectia Server that was causing the ssh-servant-g3
process to crash when authenticating domain users.
-
Documentation: Corrected the Tectia Server Registry Keys location on Windows.
Tectia ConnectSecure
New Features:
- Windows: Updated the certificate used for signing the Windows packages.
Note that the new certificate uses SHA-2 to verify its signature. Microsoft
XP with Service Pack 2 does not support SHA-2 and therefore cannot guarantee
the integrity of the certificate (KB968730). For Microsoft Windows Server
2003 with Service Pack 2, to validate the certificate, apply the hotfix
to KB968730.
Bug Fixes:
-
All Platforms: Newline conversions in Tectia file transfer clients no longer
fail to work when transferring files to a VShell Server (VanDyke).
-
All Platforms: File transfers from Tectia Clients no longer crash when
transferring files in ASCII mode to a VShell Server (VanDyke).
-
All platforms: Fixed a potential memory corruption when transferring files
recursively and using a configuration file to specify the file transfer
advice strings.
-
All Platforms: Fixed a memory leak that occurred in the ssh-ftp-proxy when
showing the SFTP server banner message.
-
Windows: Fixed the display of certain incorrect error messages.
-
Windows: GSSAPI authentication no longer fails in certain conditions when
the security authentication package is too large.
-
Windows: Users are now able to authenticate via GSSAPI when using the host
name, the fully qualified domain name or an IP address to define the
destination server.
-
Windows: It is now possible to set GSSAPI ticket forwarding using the
Tectia Connections Configuration GUI.
-
Windows: Fixed a bug in sshg3 which caused occasional hangs when run on
Windows 8.
Tectia Server for IBM z/OS
New Features:
- z/OS: Added the new SFTP SITE command and advice string parameter
"SPACE_RELEASE"(or RLSE when abbreviated). If SPACE_RELEASE is set to "yes"
(default) when a new data set is allocated, unused disk space will be
released. Otherwise the allocated space of a data set is retained.
Bug Fixes:
-
All Platforms: Newline conversions in Tectia file transfer clients no longer
fail to work when transferring files to a VShell Server (VanDyke).
-
All Platforms: File transfers from Tectia Clients no longer crash when
transferring files in ASCII mode to a VShell Server (VanDyke).
-
All platforms: Fixed a potential memory corruption when transferring files
recursively and using a configuration file to specify the file transfer
advice strings.
-
All Platforms: Fixed a memory leak that occurred in the ssh-ftp-proxy when
showing the SFTP server banner message.
-
z/OS: S378 abends should no longer happen when using FILETYPE=JES directory
functions.
-
z/OS: Using a file transfer profile via file transfer advice strings with
the OpenSSH client no longer fails to work.
-
z/OS: The execution of the commands "digest" or "ldigest" from sftpg3 on
the server side no longer fails in some cases.
-
z/OS: Listing PDSEs with sftpg3 no longer shows space as 0. It now reports
the estimated size based on the number of allocated tracks of the PDSE.
-
z/OS: Fixed the issue with file transfer advice strings where data set
allocation was done dynamically even when the VOLUMES attribute was
specified, except for when the UNIT attribute was configured.
-
z/OS: Fixed the upgrade script, so that it will no longer create a new
host key for the server.
-
z/OS: Simplified the license location requirement for Tectia Server for
z/OS. From now on, the licenses must be installed by copying the license
files to /opt/tectia/etc/licenses/ and making sure they are readable.
-
z/OS: Removed the no longer used ICU libraries from the packages.
-
Documentation: Improved the instructions for installing licenses in the
z/OS documentation.
For further information about the products and changes between the different versions,
and instructions on how to update the product, see the customer documentation and
release notes at SSH product documentation web page.
answered
Jan 29 '14 at 13:26
SSH KB ♦
509●253●251●241