Hi Robert! Please check out the version 0.20.5, it contains the fix for the highlighting problem.
Best, Kay On Friday, July 4, 2014 11:19:31 AM UTC+2, Robert Logan wrote: > > Fired this up today on two systems 0.20.4 server and web, both show the > same error on any search, coming from the application.log of the web > interface: > > 2014-07-04 09:00:40,688 - [ERROR] - from application in > play-internal-execution-context-1 > > > ! @6imb5jd98 - Internal server error, for (GET) > [/graylog/search?rangetype=relative&fields=&relative=28800&from=&to=&q=source%3Aip%5C-10%5C-73%5C-152%5C-101.eu%5C-west%5C-1.compute.internal] > > -> > > play.api.Application$$anon$1: Execution exception[[RuntimeException: No > highlight ranges for field: message]] > at play.api.Application$class.handleError(Application.scala:293) > ~[com.typesafe.play.play_2.10-2.2.2-RC1.jar:2.2.2-RC1] > at play.api.DefaultApplication.handleError(Application.scala:399) > [com.typesafe.play.play_2.10-2.2.2-RC1.jar:2.2.2-RC1] > at > play.core.server.netty.PlayDefaultUpstreamHandler$$anonfun$2$$anonfun$applyOrElse$3.apply(PlayDefaultUpstreamHandler.scala:261) > > [com.typesafe.play.play_2.10-2.2.2-RC1.jar:2.2.2-RC1] > at > play.core.server.netty.PlayDefaultUpstreamHandler$$anonfun$2$$anonfun$applyOrElse$3.apply(PlayDefaultUpstreamHandler.scala:261) > > [com.typesafe.play.play_2.10-2.2.2-RC1.jar:2.2.2-RC1] > at scala.Option.map(Option.scala:145) > [org.scala-lang.scala-library-2.10.3.jar:na] > at > play.core.server.netty.PlayDefaultUpstreamHandler$$anonfun$2.applyOrElse(PlayDefaultUpstreamHandler.scala:261) > > [com.typesafe.play.play_2.10-2.2.2-RC1.jar:2.2.2-RC1] > at > play.core.server.netty.PlayDefaultUpstreamHandler$$anonfun$2.applyOrElse(PlayDefaultUpstreamHandler.scala:257) > > [com.typesafe.play.play_2.10-2.2.2-RC1.jar:2.2.2-RC1] > at > scala.concurrent.Future$$anonfun$recoverWith$1.apply(Future.scala:344) > [org.scala-lang.scala-library-2.10.3.jar:na] > at > scala.concurrent.Future$$anonfun$recoverWith$1.apply(Future.scala:343) > [org.scala-lang.scala-library-2.10.3.jar:na] > at scala.concurrent.impl.CallbackRunnable.run(Promise.scala:32) > [org.scala-lang.scala-library-2.10.3.jar:na] > at > play.api.libs.iteratee.Execution$$anon$1.execute(Execution.scala:43) > [com.typesafe.play.play-iteratees_2.10-2.2.2-RC1.jar:2.2.2-RC1] > at > scala.concurrent.impl.CallbackRunnable.executeWithValue(Promise.scala:40) > [org.scala-lang.scala-library-2.10.3.jar:na] > at > scala.concurrent.impl.Promise$DefaultPromise.tryComplete(Promise.scala:248) > [org.scala-lang.scala-library-2.10.3.jar:na] > at scala.concurrent.Promise$class.complete(Promise.scala:55) > [org.scala-lang.scala-library-2.10.3.jar:na] > at > scala.concurrent.impl.Promise$DefaultPromise.complete(Promise.scala:153) > [org.scala-lang.scala-library-2.10.3.jar:na] > at scala.concurrent.Future$$anonfun$map$1.apply(Future.scala:235) > [org.scala-lang.scala-library-2.10.3.jar:na] > at scala.concurrent.Future$$anonfun$map$1.apply(Future.scala:235) > [org.scala-lang.scala-library-2.10.3.jar:na] > at scala.concurrent.impl.CallbackRunnable.run(Promise.scala:32) > [org.scala-lang.scala-library-2.10.3.jar:na] > at > scala.concurrent.forkjoin.ForkJoinTask$AdaptedRunnableAction.exec(ForkJoinTask.java:1361) > > [org.scala-lang.scala-library-2.10.3.jar:na] > at > scala.concurrent.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260) > [org.scala-lang.scala-library-2.10.3.jar:na] > at > scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339) > > [org.scala-lang.scala-library-2.10.3.jar:na] > at > scala.concurrent.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979) > [org.scala-lang.scala-library-2.10.3.jar:na] > at > scala.concurrent.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107) > > [org.scala-lang.scala-library-2.10.3.jar:na] > Caused by: java.lang.RuntimeException: No highlight ranges for field: > message > at > models.api.results.HighlightedField.getChunks(HighlightedField.java:41) > ~[graylog2-web-interface.graylog2-web-interface-0.20.4.jar:0.20.4] > at > views.html.search.results$$anonfun$apply$2.apply(results.template.scala:414) > ~[graylog2-web-interface.graylog2-web-interface-0.20.4.jar:0.20.4] > > > On Thursday, 3 July 2014 15:59:14 UTC+1, Kay Röpke wrote: >> >> Hey everybody, >> >> a new bug fix release, Graylog2 v0.20.4, has been released. >> >> This release includes a fix for an XSS vulnerability when using message >> highlighting, thus we recommend upgrading to 0.20.4 as soon as possible. >> Message highlighting is disabled by default in the server, so if you have >> not enabled it, you are not affected by this vulnerability. >> Many thanks to GitHub user r-a-c for reporting this problem! >> >> Another change concerns stability when using the Kafka radio input. By >> limiting the concurrently used Kafka streams this change should positively >> influence the stability of the input. >> >> Finally, a runtime limiting mechanism has been introduced that limits the >> amount of time a stream rule can take to avoid stalling message processing. >> Slow, backtracking, regular expressions could lead to consuming all CPU in >> certain cases, this change limits their impact by disabling stream rules >> should they be too slow. A system notification will be shown if this is the >> case. >> >> For a complete list of changes in both the server and web interface >> please refer to: >> * >> https://github.com/Graylog2/graylog2-server/issues?milestone=27&state=closed >> * >> https://github.com/Graylog2/graylog2-web-interface/issues?milestone=29&page=1&state=closed >> >> The new releases are available on the GitHub release pages: >> * https://github.com/Graylog2/graylog2-server/releases/tag/0.20.4 >> * https://github.com/Graylog2/graylog2-web-interface/releases/tag/0.20.4 >> >> Version 0.20.3 should be compatible to version 0.20.4, however we >> recommend upgrading Graylog2 Server, Radio as well as the web interface to >> the same version. >> >> A big thank you to the TORCH team. >> >> Thank you, >> Kay >> >> > > ---------------------------------------------------------------------------------- > > The information in this email is confidential and may be legally > privileged. It is intended solely for the addressee. Access to this email > by anyone else is unauthorised. If you are not the intended recipient, any > disclosure, copying, distribution or any action taken or omitted to be > taken in reliance on it, is prohibited and may be unlawful. > > Policy Expert is a trading name of QMetric Group Limited who is authorised > and regulated by the Financial Conduct Authority. The registered company > address of QMetric Group Limited is: 32-38 Dukes Place, London, EC3A 7LP > and its company registration number is 07151701. > > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
