Differences
This shows you the differences between the selected revisions of the page.
| history 2026-06-12 | history 2026-06-15 16:07 (current) | ||
| Line 3: | Line 3: | ||
| This is a full list of changes for each release of WinSCP. See also [[project_history|Project history]] and [[incompatible_changes|Incompatible changes between versions]]. | This is a full list of changes for each release of WinSCP. See also [[project_history|Project history]] and [[incompatible_changes|Incompatible changes between versions]]. | ||
| + | ===== [[6.6.2]] 6.6.2 (not released yet) ((2026-06-15)) ===== | ||
| - | ===== [[6.6.2]] 6.6.2 (not released yet) ((2026-06-10)) ===== | + | ··* Experimental 64-bit version of WinSCP. [[bug>618]] |
| - | + | * Optionally not showing error message when connection is lost while idle. [[bug>2360]] | |
| - | ··* Experimental 64-bit version of WinSCP. [[bug>618]] | + | * SSH core and SSH private key tools (PuTTYgen and Pageant) upgraded to [[&url(puttychanges)|PuTTY 0.84]]. \\ It brings the following change: |
| - | * Optionally not showing error message when connection is lost while idle. [[bug>2360]] | + | * Security issue: fixed a remotely triggerable double-free in RSA key exchange. [[pbug>rsakex-double-free]] |
| - | * SSH core and SSH private key tools (PuTTYgen and Pageant) upgraded to [[&url(puttychanges)|PuTTY 0.84]]. \\ It brings the following change: | + | * Minor security issue: fixed a remotely triggerable crash in NIST ECDSA signature verification. [[pbug>ecdsa-remotely-triggerable-assertion]] |
| - | * Security issue: fixed a remotely triggerable double-free in RSA key exchange. [[pbug>rsakex-double-free]] | + | * Bug fix: spurious //"Network error: Socket is not connected"// when authenticating to some HTTP proxies. [[pbug>http-proxy-auth-wsaenotconn]] |
| - | * Minor security issue: fixed a remotely triggerable crash in NIST ECDSA signature verification. [[pbug>ecdsa-remotely-triggerable-assertion]] | + | |
| - | * Bug fix: spurious //"Network error: Socket is not connected"// when authenticating to some HTTP proxies. [[pbug>http-proxy-auth-wsaenotconn]] | + | |
| * TLS/SSL core upgraded to OpenSSL 3.5.7. | * TLS/SSL core upgraded to OpenSSL 3.5.7. | ||
| * XML parser upgraded to Expat 2.8.1. | * XML parser upgraded to Expat 2.8.1. | ||
| * Restored faster C TLS/SSL AES implementation. | * Restored faster C TLS/SSL AES implementation. | ||
| - | * Configurable warning when opening large file in an internal editor. [[bug>2437]] | + | * Configurable warning when opening large file in an internal editor. [[bug>2437]] |
| - | * Informing that when preserving directory timestamps is enabled, using multiple connections for transfer is not possible. [[bug>2439]] | + | * Informing that when preserving directory timestamps is enabled, using multiple connections for transfer is not possible. [[bug>2439]] |
| * Warning when pasting a session URL with unsafe settings. | * Warning when pasting a session URL with unsafe settings. | ||
| - | * When opening session in PuTTY to a host for which WinSCP has multiple host keys cached, using the last key or the key that PuTTY has cached. [[bug>2440]] | + | * When opening session in PuTTY to a host for which WinSCP has multiple host keys cached, using the last key or the key that PuTTY has cached. [[bug>2440]] |
| - | * Always (re)registering drag&drop shell extension during installation, even when the extension is not replaced. | + | * Always (re)registering drag&drop shell extension during installation, even when the extension is not replaced. |
| - | * Allowed Console interface tool to have ''.exe'' extension to avoid false positive detections by some antiviruses. [[bug>2434]] | + | * Allowed Console interface tool to have ''.exe'' extension to avoid false positive detections by some antiviruses. [[bug>2434]] |
| - | * Using //"username"// and //"hostname"// as one word. | + | * Using //"username"// and //"hostname"// as one word. |
| * Reading all system settings from 64-bit registry. | * Reading all system settings from 64-bit registry. | ||
| - | * Allow assigning ''null'' to ''Session.SessionLogPath''. [[bug>2438]] | + | * Allow assigning ''null'' to ''Session.SessionLogPath''. [[bug>2438]] |
| - | * Avoiding using ''SSH_FXF_EXCL'' together with ''SSH_FXF_TRUNC'' SFTP file opening flags. [[bug>2444]] | + | * Avoiding using ''SSH_FXF_EXCL'' together with ''SSH_FXF_TRUNC'' SFTP file opening flags. [[bug>2444]] |
| - | * Optimized file system monitoring when looking for dummy directory during drag&drop downloads. [[bug>2445]] | + | * Optimized file system monitoring when looking for dummy directory during drag&drop downloads. [[bug>;2445]] |
| - | * Bug fix: Failure when trying to connect via HTTP proxy to FTP host with excessively long login details. [[bug>2435]] | + | * Change: Not allowing WebDAV redirects to other hosts by default. [[bug>2447]] |
| - | * Bug fix: Buffer overflow in Console interface tool. [[bug>2436]] | + | * Change: Not allowing WebDAV redirects to an unencrypted URL by default. [[bug>2448]] |
| - | * Bug fix: Failure setting ''Session.DebugLogPath'' when running in impersonated context. [[bug>2441]] | + | * Bug fix: Failure when trying to connect via HTTP proxy to FTP host with excessively long login details. [[bug>2435]] |
| - | * Bug fix: Message boxes from secondary windows (like the internal editor) caused application to move to the background when when the main window was minimized. [[bug>2443]] | + | * Bug fix: Buffer overflow in Console interface tool. [[bug>2436]] |
| + | * Bug fix: Failure setting ''Session.DebugLogPath'' when running in impersonated context. [[bug>2441]] | ||
| + | * Bug fix: Message boxes from secondary windows (like the internal editor) caused application to move to the background when when the main window was minimized. [[bug>2443]] | ||
| + | * Bug fix: Heap over-read via crafted encrypted filename. [[bug>2449]] | ||
| + | * Bug fix: Slashes in filenames can cause path traversal when invalid filename characters replacement is disabled. [[bug>2450]] | ||
| ===== [[6.6.1]] 6.6.1 beta ((2026-04-01)) ===== | ===== [[6.6.1]] 6.6.1 beta ((2026-04-01)) ===== | ||