This is an old revision of the document!
Recent Version History
This is a full list of changes for each release of WinSCP. See also Project history and Incompatible changes between versions.
6.4 (not released yet)
- Thumbnail view in file panels. 912
- Three selectable sizes of toolbar icons, showing slightly larger size by default. 2147
- Optimized working with large local directories: 2264
- Loading large directory trees on the background.
- Hidden directory trees are loaded only in the background.
- Optimizing directory loading by checking existence of subfolders on the background.
- Optimized reading directories for file panel.
- Optimized browsing within directory tree with lots of subfolders.
- Dark theme for session tabs. 1806
- Improvements to AWS/S3 authentication and configuration handling:
- Allowed assuming IAM role. 2249
- Credential profiles in
.aws/config
file are also recognized. - Preferring configuration file defined using an environment variable over the default one.
- Only profiles that contain both
aws_access_key_id
andaws_secret_access_key
are listed on the Login dialog - Bug fix: The
.aws/credentials
file path was resolved usingAWS_CONFIG_FILE
environment variable instead of correctAWS_SHARED_CREDENTIALS_FILE
.
- Incremental search improvements:
- Search panel pops up on
Ctrl+F
to make the function easier to find. 2281 - Layout of search panel on Login dialog improvend.
- Search options context menu added to the search panel on Login dialog.
- Search panel pops up on
- Search for Preferences options.
- TLS/SSL core upgraded to OpenSSL 3.3.2.
- Site import from an INI file. 2290
- Preserve timestamp when duplicating remote file using SFTP extension
copy-data
(OpenSSH). 2307 - Changing caret position on the first click on an inactive editor window. 2304
- Change: Limiting SFTP version to 3 with non-well-known SFTP servers as a workaround for interoperability issues. 2247
- Installer upgraded to Inno Setup 6.3.1.
- In icons view, files are rearranged automatically when the panel is resized.
- Explorer interface view style toolbar button now shows icon for the current style, instead of the next style.
- Fallback to nonresumable transfer when temporary target file cannot be created. 2277
- Optionally disabled smooth scrolling in an internal editor. 128
- Open window maximized when closed while minimized from maximized state. 2305
- Compatibility with FTP servers that return an empty path in root. 2300
- Optionally following
NoViewOnDrive
policy. 2310 - Recognizing matching Azure certificate files. 2311
- Logging can be enabled for installer subtasks.
- Limited SFTP upload queue length to avoid networking congestion.
- Updated to JCL library 2.8 commit 6380ce72.
- Columns menu in Explorer interface is enabled only in Details view.
- With
/rawconfig
, session is never opened in an existing instance. - Not including useless OpenSSL states in error reporting.
- Bug fix: Possibility that files in root folder were incorrectly used.
- Bug fix: Failure when system theme is changed at the same time directory change is detected. 2286
- Bug fix: Tree indentation does not scale correctly. 2288
- Bug fix: It was possible to start renaming a site by double-clicking its node while editing the site.
- Bug fix: Cannot download from WebDAV server when the request is redirected to the same path on another server. 2293
- Bug fix: Overlay images were not drawn in icons view when Name column in Details view was too narrow.
- Bug fix: Some Unicode texts, notably custom command names, were saved incorrectly in an INI file. 2301
- Bug fix: Caption of permissions group labels disappears when hovered over on Windows 11.
Advertisement
6.3.5
- TLS/SSL core upgraded to OpenSSL 3.2.3.
- XML parser upgraded to Expat 2.6.3.
- Better error message when server is using incompatible TLS protocol version. 2299
- Translations updated: Belarusian and Finnish.
- Bug fix: Incorrect “Credentials were not specified” error when authentication fails due to incorrect password with FTP protocol. 2302
- Bug fix: Stall when switching from S3 to other protocol on Login dialog on some networks. 2309
6.3.4
- TLS/SSL core upgraded to OpenSSL 3.2.2.
- Translations updated: Belarusian, Danish and Russian.
- Standalone executable installer can run over corrupted MSI installation. 2294
- Support for up-to 16KB WebDAV cookies. 2289
- Bug fix: Failure when trying to automate file synchronization by checksum on an SFTP server that does not support it natively. 2291
- Bug fix: Remote panel does not refresh after “ZIP and Upload”. 2292
6.3.3
- SSH core and SSH private key tools (PuTTYgen and Pageant) upgraded to PuTTY 0.81.
It brings the following change:- Security fix for CVE-2024-31497: NIST P521/ecdsa-sha2-nistp521 signatures are no longer generated with biased values of k. The previous bias compromises private keys. 2285 vuln-p521-bias
- Translation updated: Belarusian.
- XML parser upgraded to Expat 2.6.2.
- Support for TortoiseMerge in Compare Files extension. 2279
- Bug fix: File panel does not have focus after Login in Explorer interface. 2276
- Bug fix: Failure when closing the last remote tab. 2283
- Bug fix: Copy and paste to another application in Store installation sometimes does not work. 2284
Advertisement
6.3.2
- Translation updated: Belarusian.
- XML parser upgraded to Expat 2.6.1.
- Optimized startup when right panel local directory tree is not visible.
- Workaround for SFTP servers (Cisco) which omit message field from status response. 2272
- Bug fix: Password pipe cannot be used to open a session in an existing instance. 2265
- Bug fix: Hang when canceling connection while reading remote directory. 2266
- Bug fix: Failure when canceling FTP connection while reading remote directory. 2267
- Bug fix: Cannot start on Windows XP. 2268
- Bug fix: Installation hangs when adding installation path to search path when executed in session 0. 2270
- Bug fix: Misplaced stored site use warning in scripting when session name is specified. 2271
- Bug fix: Correcting neon version in About box and logs.
6.3.1
- Translation completed: Norwegian.
- Bug fix: Badly encoded SFTP packet when renaming a file using SFTP version 5 and newer. 2259
- Bug fix: Failure when trying to synchronize files by checksum on server that does not support it. 2260
- Bug fix: Random hang/failure when closing FTP TLS 1.3 connection. 2261
- Bug fix: Cannot use IPv6 literal as hostname on Login dialog. 2263
6.3
- XML parser upgraded to Expat 2.6.0.
- Bug fix: Hang when prompt pops up while SFTP session is being reconnected. 2258
6.2.4 RC
- Translations completed: Farsi, French, Japanese, Spanish and Traditional Chinese.
- TLS/SSL core upgraded to OpenSSL 3.2.1.
- WebDAV/HTTP core upgraded to neon 0.33.0.
- Bug fix: Failure when trying to upload file using double-click over disconnected session. 2254
- Bug fix: Failure after long frequent use of session tabs. 2255
- Bug fix: New tab icon is drawn incorrectly on Explorer interface with Show selective text labels turned off. 2257
- Bug fix: Failure when switching to another application while new session is being opened using New Tab tab. 2251
Advertisement
6.2.3 RC
- Added new
ca-west-1
AWS region. - Translations completed: Catalan, Czech, Dutch, Finnish, German, Hungarian, Italian, Korean, Polish, Portuguese, Romanian, Russian, Simplified Chinese, Slovak, Turkish and Tamil; and updated: Japanese.
- Support for
posix-rename@openssh.com
SFTP extension. 2231 - When cleaning up application data, deleting even
Martin Prikryl
andWinSCP 2
root keys, if they remain empty. - Ignoring attempts to directly move/duplicate file over itself, as if protocol requires deleting, the file would be lost.
- Configurable FTP TLS shutdown procedure. 2250
- Not failing connection when FTP server responds to
CSID
command with an error. 2253 - Bug fix: Certificate authority cache was not copied to new configuration storage nor cleaned up with other caches.
- Bug fix:
ssh
protocol URL handling was not completely unregistered. - Bug fix: Reported transfer size is rarely incorrect during FTP downloads.
- Bug fix: Failure after connecting to server. 2251
- Bug fix: FTP
CSID
command does not end with semicolon. 2252
6.2.2 beta
- SSH core and SSH private key tools (PuTTYgen and Pageant) upgraded to PuTTY 0.80.
It brings the following change:- Mitigations for SSH protocol “Terrapin” vulnerability. 2246 vuln-terrapin
- Support for
Include
directive when importing sites from OpenSSH. 2239 - Change: .NET assembly collections are tagged with
ClassInterfaceType.None
to avoid warnings fromregasm
. - Not using directory listing to keep FTP session alive by default. 2244
- Windows Store installation on Windows 11 was incorrectly using INI file for configuration storage by default. 2245
- Bug fix: Find dialog file list is scaled incorrectly on some multi monitor systems with different scaling. 2241
- Bug fix: Cannot browse long local paths. 2242
6.2.1 beta
- File hash can be used as criterion for synchronization. 52
- Consistent behavior across protocols and protocol capabilities when duplicating remote files. 2233
- Columns > Reset Layout command added to Explorer interface too.
- TLS/SSL core upgraded to OpenSSL 3.2.0.
- Support for “Requester pays” S3 buckets. 2213
- Optional more prominent active session tab. 2229
- Optionally not shortening tab titles. 2202
- New
winscp.net
root certificate. - Restored support for legacy version of the Digest algorithm specified in RFC 2069. 2109
- Restored consistent behavior of failing, between duplicating and moving/renaming files over existing file with WebDAV protocol in scripting and .NET assembly.
- When moving a folder by drag&drop to a path that already contains a subfolder with the same name, the existing folder is overwritten.
- Shorter and more friendly formatting of long time intervals. 2236
- When typing ambiguous port numbers in Login dialog, keeping the current protocol, even if it is not the default protocol for the port.
- Bug fix: Failure when New Tab is clicked while another session is still being loaded.
- Bug fix: Corrected some painting artifacts on session tabs, particularly on Windows 11.
- Bug fix:
Shift+F5
shortcut operated with a focused file, rather than with selected files. - Bug fix: OpenSSL version in About dialog was not up to date.
- Bug fix: Cannot leave directory entered via cache with SCP protocol if it was deleted meanwhile. 2234
- Bug fix: Failure when connection is lost while reading remote directory with SFTP protocol. 2235
- Bug fix: Multipart upload to Cloudflare R2 S3 interface fails due to too long upload ID. 2237
- Bug fix: Panel focus was lost in some situations.
- Bug fix: When S3 or WebDAV server did not provide file timestamp, downloaded file was set to oldest possible timestamp.
- Bug fix: When session URL is typed into Host name box or pasted using context menu of the box and the Login dialog is submitted using
Enter
key, the URL is not parsed correctly. - Bug fix: Failure when saving edited file over reconnected session after previous reconnect attempt was aborted. 2238
Advertisement
6.2 beta
- Single large file can be downloaded using multiple SFTP connections. 513
- Support for OpenSSH certificates for host verification. Sponsored by Teleport. 2145
- SSH core and SSH private key tools (PuTTYgen and Pageant) upgraded to PuTTY 0.79.
It brings the following change:- Support for HMAC-SHA-512. hmac-sha2-512
- TLS/SSL core upgraded to OpenSSL 3.1.3.
- Allowed S3 connection with IAM role instead of credentials. 2089
- Command to open the same folder as in the other panel in local file manager mode. 2189
- Support appending when streaming file contents to remote server. 2214
- Commands to reset layout of file panels and background transfer queue list columns.
- Change: SSL (3.0) is no longer supported. TLS 1.0 and 1.1 are disabled by default, to match the OpenSSL 3 defaults.
- Using optimized OpenSSL implementations of some algorithms.
- Command to automatically size file panel columns. 2196
- Allowed browsing a source folder/file instead of downloading when handling a download URL. 2211
- Passing password to PuTTY using named pipe instead of commandline.
- Made it harder to mis-click “never show this again” checkboxes. 2217
winscp.net
root certificate is always trusted when checking for updates, even when (corporate managed) Windows certificate store does not trust it. 2212- Not browsing a source folder when handling a download URL when a download dialog is canceled.
- Recognizing
CertificateFile
directive when importing sites from OpenSSH. 2220 - Restored ability to duplicate remote folders using
cp
command in secondary shell session even when the SFTP server supportscopy-file
/copy-data
extension. 2227 https://
URL withr2.cloudflarestorage.com
hostname is interpreted as S3 protocol, instead of WebDAV.- Recognizing path in Host name box on Login dialog. 2219
- Improved behavior when moving/renaming over an existing folder. 2209
- Improved OpenSSH
config
file parsing, particularly quoted and escaped values. 2206 - Support for ProFTPD command
OPTS REST STOR
to query if upload restart is possible. 2194 - Not showing a filter mask on a disconnected panel.
- Implemented generic
ICollection
implicitly by .NET assembly collections. 2187 ProxyMethod
raw session setting supports symbolical value names.- Ignoring disconnects from the server while closing the connection. 2195
- Translations updated: Danish and Traditional Chinese.
- Preventing background transfer queue list columns width to shrink too much. 2208
- Not forcing text mode for edits with Windows Notepad on Windows 10 1809 and newer, as it already supports non-Windows line endings.
- Allowed disabling SFTP extension use. 2222
- Using packet size limit announced by OpenSSH
limits@openssh.com
extension. - Improved HTTP error reporting and logging.
- With application logging enabled, automatic updates installation is started with logging too.
- Throwing an exception when
Session.SessionLogPath
is set to a path with invalid.xml
extension. 2215 - Recognizing IP addresses starting with zero in FTP PASV response as unroutable. 2224
- When there is both administrative and non administrative installation, automatic update automatically selects the the correct one for update.
- Not displaying Administrator shield icon on Upgrade button, when Administrator permissions are not needed for the upgrade.
- More meaningful error message when credentials are missing in scripting and .NET assembly.
- Bug fix: WebDAV or S3 certificate that is recognized by Windows Certificate store, but have other issues, cannot be marked trusted by the user. 2191
- Bug fix: Localized HTTP connection error messages are incorrectly decoded. 2197
- Bug fix: Special characters in directory names were not correctly restored when uploading on background with multiple connections for single transfer enabled.
- Bug fix: Master password prompt was not added to taskbar when opening session from commandline or when automatically loading workspace to yet invisible main window.
- Bug fix: Handling download URL does not work when another idle instance is running. 2203
- Bug fix: TLS session resumption is not working for subsequent FTP data connections with TLS 1.3 with some servers. 2210
- Bug fix: Failure when using
/browse=
switch and a file panel is empty. - Bug fix: Correcting default OpenSSL configuration paths.
- Bug fix: Potential failure when opening unencrypted HTTP/WebDAV connection.
- Bug fix: When second local panel tree view has focus, some keyboards shortcuts still operated on the first local panel.
- Bug fix: Local file panel malfunctions when it starts on a drive hidden by Explorer’s policy. 2216
- Bug fix: When opening UNC path, the network drive is not added to the other local panel directory tree.
- Bug fix: When opening the UNC path on the second local panel, the network drive is not added to drive drop-down menus.
- Bug fix: Script sometimes does not abort after receiving no answer for prompt, when running in batch mode.
- Bug fix: Configuration reading was broken after an attempt to access a non-existing sub-section within a section existed in raw configuration only.
- Bug fix: WinSCP could ask the server to return more data during SFTP download than it can process. 2218
- Bug fix: Renaming tab invalidated remembered password.
- Bug fix: WinSCP loses focus after custom command is executed. 2221
- Bug fix: Some DLLs were not protected against hijacking. 2223
- Bug fix: Failure when error occurs on secondary shell session with Continue on error option enabled. 2226
- Bug fix: Failure when reconnect on edited/opened file save is canceled. 2228
Advertisement
6.1.2
- MSI installer is not localized anymore to avoid problems with GPO. 2200
- TLS/SSL core upgraded to OpenSSL 1.1.1w.
- Translations updated: Catalan, Danish, Russian and Turkish.
- Added new
il-central-1
AWS region. - Bug fix: Typo in GPL license in installer. 2201
- Bug fix: Check for application updates was limited to TLS 1.2.