Funnelback 16.4 patches

Patches

Type Release version Description

Type	Release version	Description
3 Bug fixes	16.4.0.12	Fixed an issue where fetching Facebook comments would cause an infinite loop due to changes within the Facebook endpoints.
3 Bug fixes	16.4.0.11	Fixed a security vulnerability where jackson-databind might allow remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks.
3 Bug fixes	16.4.0.11	Fixed a security vulnerability where com.google.oauth-client hasn’t implemented PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps.
3 Bug fixes	16.4.0.10	Fixed the security vulnerability where Spring Framework RCE may be vulnerable to remote code execution (RCE) via data binding [CVE-2022-22965]
3 Bug fixes	16.4.0.9	Removed broken administration UI used to configure reporting email as since v16 those settings are configured via results page configuration UI.
3 Bug fixes	16.4.0.8	Upgrades log4j2 to version 2.17 to fix the security vulnerability where Apache Log4j2 Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations.
3 Bug fixes	16.4.0.7	Upgrades log4j2 to version 2.15 to fix the security vulnerability where log4j2 JNDI features do not protect against attacker-controlled LDAP and other JNDI related endpoints.
3 Bug fixes	16.4.0.6	Fixes an issue where the collection tool would return an error for the index presence check.
3 Bug fixes	16.4.0.6	Restored access to data reports from the administration dashboard.
3 Bug fixes	16.4.0.6	Improves access to documentation for individual plugins from extensions administration UI.
3 Bug fixes	16.4.0.5	Fixes an issue where the edit metadata mappings administration UI wouldn’t display counts of detected sources in searchable documents properly.
3 Bug fixes	16.4.0.5	Fixes an issue where the tuning results administration UI couldn’t help apply an outcome of the tuning run.
3 Bug fixes	16.4.0.4	Fixes an issue where perl file manager throws an exception about untainted values when the users try to upload files.
3 Bug fixes	16.4.0.3	Fixes an issue where perl file manager throws an exception about untainted values when the users try to publish or delete files.
3 Bug fixes	16.4.0.3	Fixes an issue where rules defined in `redirects.cfg` wouldn’t work.
3 Bug fixes	16.4.0.2	Fixes the Admin API side of the `create-collection.pl` fix released in patch 16.4.0.1.
3 Bug fixes	16.4.0.1	Fixes `create-collection.pl`.

3 Bug fixes

16.4.0.12

Fixed an issue where fetching Facebook comments would cause an infinite loop due to changes within the Facebook endpoints.

3 Bug fixes

16.4.0.11

Fixed a security vulnerability where jackson-databind might allow remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks.

3 Bug fixes

16.4.0.11

Fixed a security vulnerability where com.google.oauth-client hasn’t implemented PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps.

3 Bug fixes

16.4.0.10

Fixed the security vulnerability where Spring Framework RCE may be vulnerable to remote code execution (RCE) via data binding [CVE-2022-22965]

3 Bug fixes

16.4.0.9

Removed broken administration UI used to configure reporting email as since v16 those settings are configured via results page configuration UI.

3 Bug fixes

16.4.0.8

Upgrades log4j2 to version 2.17 to fix the security vulnerability where Apache Log4j2 Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations.

3 Bug fixes

16.4.0.7

Upgrades log4j2 to version 2.15 to fix the security vulnerability where log4j2 JNDI features do not protect against attacker-controlled LDAP and other JNDI related endpoints.

3 Bug fixes

16.4.0.6

Fixes an issue where the collection tool would return an error for the index presence check.

3 Bug fixes

16.4.0.6

Restored access to data reports from the administration dashboard.

3 Bug fixes

16.4.0.6

Improves access to documentation for individual plugins from extensions administration UI.

3 Bug fixes

16.4.0.5

Fixes an issue where the edit metadata mappings administration UI wouldn’t display counts of detected sources in searchable documents properly.

3 Bug fixes

16.4.0.5

Fixes an issue where the tuning results administration UI couldn’t help apply an outcome of the tuning run.

3 Bug fixes

16.4.0.4

Fixes an issue where perl file manager throws an exception about untainted values when the users try to upload files.

3 Bug fixes

16.4.0.3

Fixes an issue where perl file manager throws an exception about untainted values when the users try to publish or delete files.

3 Bug fixes

16.4.0.3

Fixes an issue where rules defined in redirects.cfg wouldn’t work.

3 Bug fixes

16.4.0.2

Fixes the Admin API side of the create-collection.pl fix released in patch 16.4.0.1.

3 Bug fixes

16.4.0.1

Fixes create-collection.pl.

Help Center

Menu

Funnelback 16.4 patches

Patches