login about faq

Tectia SSH Client, SSH Server and ConnectSecure 6.4.13 were released on March 31. What's new in these releases?

asked Apr 01 '16 at 09:30

SSH%20doc's gravatar image

SSH doc ♦♦
267810


Tectia Client/Server/ConnectSecure 6.4.13 releases include the following changes:

  • Installed host key is now 2048 bits by default.

  • Default key type in key generation is now RSA.

  • IBM AIX 5.3, Oracle Solaris 9, SLED 10 and 11, and SLES 9 are no longer supported.

The following includes a summary of the bug fixes for each product.

Bug Fixes in Tectia Client & ConnectSecure

  • All platforms: Fixed an issue with certificate-based authentication where an ampersand in the subject OU caused a broker XML error and client disconnection.

  • All platforms: The last line in ssh_sftp_batch_file is no longer ignored.

  • Windows: On a machine with UAC enabled Tectia Client no longer fails when run with elevated privileges while the Connection Broker is run with non- elevated privileges.

  • Windows: To avoid misunderstandings, the "Enable DoD PKI compliancy" label on the CA Certificates page of Tectia Connections Configuration GUI was renamed to "Enforce digital signature in key usage".

  • Windows: The text in the MSI installer notifying of an existing installation is no longer truncated.

  • Linux: Removed unused files libgcc_s.so.1 and libstdc++.so.6 from the packages.

Bug Fixes in Tectia ConnectSecure only:

  • Windows: Transparent TCP/FTP tunnels and FTP proxy now work for applications that use ConnectEx to connect to their destinations.

  • Windows: Uninstalling ConnectSecure no longer removes 30-plugin_cipher_crypticore.dll from the SSH Tectia AUX\Plugins directory.

Bug Fixes in Tectia Server

  • Unix: Fixed input validation when starting X11 forwarding. Users without shell access to the system could bypass the restrictions by using techniques outlined in CVE-2016-3115. As a mitigating factor, even without the fix, the output of the commands was not visible to the users, so the vulnerability in this case is limited to creating files and outbound connections with the privilege level of the authenticated user. This vulnerability is limited to configurations with restricted user accounts (forced or denied commands, denied shells).

  • Linux: Removed unused files libgcc_s.so.1 and libstdc++.so.6 from the packages.

  • Windows: To avoid misunderstandings, the "Enable DoD PKI compliancy" label on the Certificate Validation page of Tectia Server Configuration GUI was renamed to "Enforce digital signature in key usage".

  • Windows: Users with characters outside of US-ASCII in their user name can now log in to Tectia Server using public key authentication.

  • Windows: Authorization file definitions can now be removed using Tectia Server Configuration GUI.

  • Windows: The text in the MSI installer notifying of an existing installation is no longer truncated.

  • All platforms: Policy name is now shown in audit messages for successful connections.

For further information about the products and changes between the different versions, and instructions on how to update the product, see the customer documentation and release notes at the SSH product documentation site.

link

answered Apr 01 '16 at 09:35

SSH%20doc's gravatar image

SSH doc ♦♦
267810

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×69
×60
×49
×31

Asked: Apr 01 '16 at 09:30

Seen: 5,112 times

Last updated: Apr 01 '16 at 09:35

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.