Funnelback 16.4 patches
Patches
| Type | Release version | Description |
|---|---|---|
3 Bug fixes |
16.4.0.18 |
Fixed the issue where the Perl script to trigger analytics update didn’t set the correct update type. |
3 Bug fixes |
16.4.0.17 |
Fixed an issue where the environment was not detected correctly in the configuration, resulting in configuration key values to revert to the default value. |
3 Bug fixes |
16.4.0.17 |
Fixed an issue with client-based APIs where incorrect permissions were returned. |
3 Bug fixes |
16.4.0.17 |
Fixed an issue with the Added a new option The extraction of relative links now follows the W3C standard regarding the validity of HTML pages. |
4 Important changes |
16.4.0.16 |
Change client-based APIs to return what the user has access to based on the clientId rather than just reading the resources role. |
3 Bug fixes |
16.4.0.15 |
Fixed an issue that prevented internal documentation within the administration dashboard from displaying in some circumstances. |
3 Bug fixes |
16.4.0.14 |
Fixed an issue that caused administration dashboard labels to display intermittently. |
3 Bug fixes |
16.4.0.13 |
Fixed an issue where the Freemarker template upgrader incorrectly upgraded custom variables named |
3 Bug fixes |
16.4.0.13 |
Fixed an issue where trend alerts notifications were not generated. |
3 Bug fixes |
16.4.0.13 |
Fixed an issue preventing the correct export of content auditor and accessibility auditor documents in CSV format. |
3 Bug fixes |
16.4.0.12 |
Fixed an issue where fetching Facebook comments would cause an infinite loop due to changes within the Facebook endpoints. |
3 Bug fixes |
16.4.0.11 |
Fixed a security vulnerability where jackson-databind might allow remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks. |
3 Bug fixes |
16.4.0.11 |
Fixed a security vulnerability where com.google.oauth-client hasn’t implemented PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps. |
3 Bug fixes |
16.4.0.10 |
Fixed the security vulnerability where Spring Framework RCE may be vulnerable to remote code execution (RCE) via data binding [CVE-2022-22965] |
3 Bug fixes |
16.4.0.9 |
Removed broken administration dashboard used to configure reporting email as since v16 those settings are configured via results page configuration UI. |
3 Bug fixes |
16.4.0.8 |
Upgrades log4j2 to version 2.17 to fix the security vulnerability where Apache Log4j2 Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations. |
3 Bug fixes |
16.4.0.7 |
Upgrades log4j2 to version 2.15 to fix the security vulnerability where log4j2 JNDI features do not protect against attacker-controlled LDAP and other JNDI related endpoints. |
3 Bug fixes |
16.4.0.6 |
Fixes an issue where the collection tool would return an error for the index presence check. |
3 Bug fixes |
16.4.0.6 |
Restored access to data reports from the administration dashboard. |
3 Bug fixes |
16.4.0.6 |
Improves access to documentation for individual plugins from extensions administration dashboard. |
3 Bug fixes |
16.4.0.5 |
Fixes an issue where the edit metadata mappings administration dashboard wouldn’t display counts of detected sources in searchable documents properly. |
3 Bug fixes |
16.4.0.5 |
Fixes an issue where the tuning results administration dashboard couldn’t help apply an outcome of the tuning run. |
3 Bug fixes |
16.4.0.4 |
Fixes an issue where perl file manager throws an exception about untainted values when the users try to upload files. |
3 Bug fixes |
16.4.0.3 |
Fixes an issue where perl file manager throws an exception about untainted values when the users try to publish or delete files. |
3 Bug fixes |
16.4.0.3 |
Fixes an issue where rules defined in |
3 Bug fixes |
16.4.0.2 |
Fixes the Admin API side of the |
3 Bug fixes |
16.4.0.1 |
Fixes |