Thanks for getting the packages available so quickly. Updating now. On Friday, July 4, 2014 12:59:14 AM UTC+10, Kay Röpke wrote: > > Hey everybody, > > a new bug fix release, Graylog2 v0.20.4, has been released. > > This release includes a fix for an XSS vulnerability when using message > highlighting, thus we recommend upgrading to 0.20.4 as soon as possible. > Message highlighting is disabled by default in the server, so if you have > not enabled it, you are not affected by this vulnerability. > Many thanks to GitHub user r-a-c for reporting this problem! > > Another change concerns stability when using the Kafka radio input. By > limiting the concurrently used Kafka streams this change should positively > influence the stability of the input. > > Finally, a runtime limiting mechanism has been introduced that limits the > amount of time a stream rule can take to avoid stalling message processing. > Slow, backtracking, regular expressions could lead to consuming all CPU in > certain cases, this change limits their impact by disabling stream rules > should they be too slow. A system notification will be shown if this is the > case. > > For a complete list of changes in both the server and web interface please > refer to: > * > https://github.com/Graylog2/graylog2-server/issues?milestone=27&state=closed > * > https://github.com/Graylog2/graylog2-web-interface/issues?milestone=29&page=1&state=closed > > The new releases are available on the GitHub release pages: > * https://github.com/Graylog2/graylog2-server/releases/tag/0.20.4 > * https://github.com/Graylog2/graylog2-web-interface/releases/tag/0.20.4 > > Version 0.20.3 should be compatible to version 0.20.4, however we > recommend upgrading Graylog2 Server, Radio as well as the web interface to > the same version. > > A big thank you to the TORCH team. > > Thank you, > Kay > >
-- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
