Funnelback 16.4.0 release notes
Released: 16 Jun 2021
Supported until: 16 Jun 2024
This applies to Funnelback multi-tenanted, dedicated and Squiz Cloud v16.4. For Squiz DXP please see the Funnelback 16 change log. |
Use the filter to narrow down what’s in the list below, and the sort controls on each column to help locate what you are looking for.
Type | Release version | Description |
---|---|---|
2 Minor improvements |
2021-06-16 |
16.4 |
Improved the security of the download support package feature and enabled users of the Squiz DXP to access this function. |
1 New and revised features |
2021-06-16 |
16.4 |
Added administration screens for scheduling of data source and analytics updates. |
1 New and revised features |
2021-06-16 |
16.4 |
Added WCAG 2.1 support to accessibility auditor. The following checks have been added:
|
2 Minor improvements |
2021-06-16 |
16.4 |
The new workflow.publish_hook.batch allows for batching up configuration changes before publishing to query processors to reduce network load. |
2 Minor improvements |
2021-06-16 |
16.4 |
Added an option to view the details of configuration keys when the system is running in read only mode. |
2 Minor improvements |
2021-06-16 |
16.4 |
Increased the summary text limit (indexer option |
2 Minor improvements |
2021-06-16 |
16.4 |
Revised the top level structure of the documentation to make it easier for users to find relevant information. |
2 Minor improvements |
2021-06-16 |
16.4 |
Added a new API for getting the licence usage of a client. |
3 Bug fixes |
2021-06-16 |
16.4 |
Fixed a bug in the web crawler where base href tags were not processed correctly. |
3 Bug fixes |
2021-06-16 |
16.4 |
Fixed a bug where instant updates would always include the start URLs. |
3 Bug fixes |
2021-06-16 |
16.4 |
Fixed a bug where YouTube data sources could not be updated without a channel ID. |
3 Bug fixes |
2021-06-16 |
16.4 |
Fixed an issue with the document title fixer filter that caused it to insert bad titles sourced from h1 and h2 tags. |
3 Bug fixes |
2021-06-16 |
16.4 |
Fixed an issue where the faceted navigation editor screen became unresponsive when there were too many templates to check for legacy facets. |
4 Important changes |
2021-06-16 |
16.4 |
The push API no longer returns a HTTP 302 status code when SAML is enabled. A HTTP 401 status code will be returned to unauthenticated users. Users should authenticate using API tokens rather than directly when using a web browser. When using a web browser to access push API endpoints you should first authenticate using the admin API. |
3 Bug fixes |
2023-06-20 |
16.4.0.21 |
Prevented the creation of objects within Freemarker template files to ensure that template editors can not cause external code to be executed. |
1 New and revised features |
2023-06-20 |
16.4.0.21 |
Added new server configuration keys to configure the Jetty HTTP connection. |
3 Bug fixes |
2023-05-31 |
16.4.0.20 |
Fixed an issue where the search results were skewed by ranking option |
3 Bug fixes |
16.4.0.19 |
2023-04-12 |
Fixed the issue where numbers greater than 1000 were returning NaN while trying to calculate percentages in content auditor. |
3 Bug fixes |
16.4.0.19 |
2023-04-12 |
Fixed an issue with the calculation of main host scores that caused inaccurate and inconsistent information to be displayed in SEO auditor. |
3 Bug fixes |
16.4.0.18 |
2022-12-12 |
Fixed the issue where the Perl script to trigger analytics update didn’t set the correct update type. |
3 Bug fixes |
16.4.0.17 |
2022-10-07 |
Fixed an issue where the environment was not detected correctly in the configuration, resulting in configuration key values to revert to the default value. |
3 Bug fixes |
16.4.0.17 |
2022-10-07 |
Fixed an issue with client-based APIs where incorrect permissions were returned. |
3 Bug fixes |
16.4.0.17 |
2022-10-07 |
Fixed an issue with the Added a new option The extraction of relative links now follows the W3C standard regarding the validity of HTML pages. |
4 Important changes |
16.4.0.16 |
2022-08-25 |
Change client-based APIs to return what the user has access to based on the clientId rather than just reading the resources role. |
3 Bug fixes |
16.4.0.15 |
2022-08-23 |
Fixed an issue that prevented internal documentation within the administration dashboard from displaying in some circumstances. |
3 Bug fixes |
16.4.0.14 |
2022-08-19 |
Fixed an issue that caused administration dashboard labels to display intermittently. |
3 Bug fixes |
16.4.0.13 |
2022-08-15 |
Fixed an issue where the Freemarker template upgrader incorrectly upgraded custom variables named |
3 Bug fixes |
16.4.0.13 |
2022-08-15 |
Fixed an issue where trend alerts notifications were not generated. |
3 Bug fixes |
16.4.0.13 |
2022-08-15 |
Fixed an issue preventing the correct export of content auditor and accessibility auditor documents in CSV format. |
3 Bug fixes |
16.4.0.12 |
2022-05-26 |
Fixed an issue where fetching Facebook comments would cause an infinite loop due to changes within the Facebook endpoints. |
3 Bug fixes |
16.4.0.11 |
2022-05-12 |
Fixed a security vulnerability where jackson-databind might allow remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks. |
3 Bug fixes |
2022-05-12 |
16.4.0.11 |
Fixed a security vulnerability where com.google.oauth-client hasn’t implemented PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps. |
3 Bug fixes |
2022-04-08 |
16.4.0.10 |
Fixed the security vulnerability where Spring Framework RCE may be vulnerable to remote code execution (RCE) via data binding [CVE-2022-22965] |
3 Bug fixes |
2022-01-07 |
16.4.0.9 |
Removed broken administration dashboard used to configure reporting email as since v16 those settings are configured via results page configuration UI. |
3 Bug fixes |
2021-12-22 |
16.4.0.8 |
Upgrades log4j2 to version 2.17 to fix the security vulnerability where Apache Log4j2 Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations. |
3 Bug fixes |
2021-12-15 |
16.4.0.7 |
Upgrades log4j2 to version 2.15 to fix the security vulnerability where log4j2 JNDI features do not protect against attacker-controlled LDAP and other JNDI related endpoints. |
3 Bug fixes |
2021-11-12 |
16.4.0.6 |
Fixes an issue where the collection tool would return an error for the index presence check. |
3 Bug fixes |
2021-11-12 |
16.4.0.6 |
Restored access to data reports from the administration dashboard. |
3 Bug fixes |
2021-11-12 |
16.4.0.6 |
Improves access to documentation for individual plugins from extensions administration dashboard. |
3 Bug fixes |
2021-10-12 |
16.4.0.5 |
Fixes an issue where the edit metadata mappings administration dashboard wouldn’t display counts of detected sources in searchable documents properly. |
3 Bug fixes |
2021-10-12 |
16.4.0.5 |
Fixes an issue where the tuning results administration dashboard couldn’t help apply an outcome of the tuning run. |
3 Bug fixes |
2021-09-08 |
16.4.0.4 |
Fixes an issue where perl file manager throws an exception about untainted values when the users try to upload files. |
3 Bug |
2021-09-02 |
16.4.0.3 |
Fixes an issue where perl file manager throws an exception about untainted values when the users try to publish or delete files. |
3 Bug fixes |
2021-09-02 |
16.4.0.3 |
Fixes an issue where rules defined in |
3 Bug fixes |
2020-07-02 |
16.4.0.2 |
Fixes the Admin API side of the |
3 Bug fixes |
2020-06-28 |
16.4.0.1 |