Funnelback 16.2 patches

Patches

Type Release version Description

3 Bug fixes

16.2.0.15

Upgrades log4j2 to version 2.17 to fix the security vulnerability where Apache Log4j2 Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations.

3 Bug fixes

16.2.0.14

Upgrades log4j2 to version 2.15 to fix the security vulnerability where log4j2 JNDI features do not protect against attacker-controlled LDAP and other JNDI related endpoints.

3 Bug fixes

16.2.0.13

Fixes an issue where the collection tool would return an error for the index presence check.

3 Bug fixes

16.2.0.13

Restored access to data reports from the administration dashboard.

3 Bug fixes

16.2.0.13

Improves access to documentation for individual plugins from extensions administration UI.

3 Bug fixes

16.2.0.13

Fixes an issue where perl file manager throws an exception about untainted values when the users try to upload files.

3 Bug fixes

16.2.0.13

Fixes an issue where perl file manager throws an exception about untainted values when the users try to publish or delete files.

3 Bug fixes

16.2.0.13

Fixes an issue where the tuning results administration UI couldn’t help apply an outcome of the tuning run.

3 Bug fixes

16.2.0.12

Fixes an issue where the edit metadata mappings administration UI wouldn’t display counts of detected sources in searchable documents properly.

3 Bug fixes

16.2.0.11

Fixes an issue where rules defined in redirects.cfg wouldn’t work.

3 Bug fixes

16.2.0.10

Fixes an issue with the admin UI which prevents creation of push and custom data sources.

3 Bug fixes

16.2.0.9

Fixes create-collection.pl.

3 Bug fixes

16.2.0.8

Fixes an issue with push replication in SAML mode as push APIs return now 401 rather than 302 for not-authenticated requests.

3 Bug fixes

16.2.0.7

Search session cookies are now explicitly marked with SameSite=None;Secure to fix functionality in partial integrations.

3 Bug fixes

16.2.0.7

Fixes an issue in the DocumentFixerFilterProvider filter in which h1 and h2 elements containing only non-breaking spaces could be used as titles.

3 Bug fixes

16.2.0.6

Fixes an issue where faceted navigation UI would freeze due to numerous API requests done to check templates' backups for the usage of legacy facets.

3 Bug fixes

16.2.0.5

Fixes a cross-site scripting vulnerability in Freemarker templates.

3 Bug fixes

16.2.0.4

Enables users to log into the webdav endpoint without specifying a client id. This is now aligned with other the API endpoints.

3 Bug fixes

16.2.0.3

Fixed a bug with update of YouTube data sources when no channel ID is provided.

3 Bug fixes

16.2.0.2

Fixes a bug in reports-send-email.pl, which causes high load.

3 Bug fixes

16.2.0.1

Fixes a bug in filtering in which outlook files with attachments could not be parsed correctly.