This repository has been archived by the owner on Oct 27, 2021. It is now read-only.

Add changelog for 4.1.2, 4.0.10 and 3.3.14 (#1202)
bernd committed Jul 30, 2021
1 parent c040fa8 commit 05dfc4a
Showing 2 changed files with 123 additions and 0 deletions.
62 changes: 62 additions & 0 deletions pages/changelog.rst
Expand Up @@ -2,6 +2,30 @@
Changelog
*********

Graylog 4.1.2
=============

Released: 2021-07-28

Core
^^^^

**Security**

Session ID leak in Graylog DEBUG log file and audit log.

We recently discovered a session ID leak in the Graylog DEBUG log file as well as the audit log. A user can use a session ID to authenticate against Graylog and then this user has access to all the permissions associated with the owner of the session ID.

The ID was printed in DEBUG level log messages (DEBUG is not enabled by default) as well as the Graylog Enterprise Audit Log. By default, the Graylog Audit Log is only logging to the local database and only accessible by Graylog administrators.

We would like to thank David Herbstmann for discovering and responsibly disclosing this vulnerability.

**Fixed**

- Fix confusing dependencies warning when sharing searches. `Graylog2/graylog2-server#11021 <https://github.com/Graylog2/graylog2-server/issues/11021>`_ `Graylog2/graylog2-server#11027 <https://github.com/Graylog2/graylog2-server/issues/11027>`_
- Fix index retries with connection failures to Elasticsearch 7 nodes. `Graylog2/graylog2-server#11045 <https://github.com/Graylog2/graylog2-server/issues/11045>`_ `Graylog2/graylog2-server#11057 <https://github.com/Graylog2/graylog2-server/issues/11057>`_


Graylog 4.1.1
=============

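Review bot: The **Security** entry for 4.1.2 carries no reference, while both **Fixed** items directly below it link their graylog2-server issues. Consider adding a link or identifier for the advisory or the fixing change so readers can tie this notice to what was actually changed; if nothing is public yet, say so in the entry.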
Expand Down Expand Up @@ -106,6 +130,25 @@ Integrations Plugin
- Greynoise data adapter. `Graylog2/graylog-plugin-integrations#760 <https://github.com/Graylog2/graylog-plugin-integrations/issues/760>`_


Graylog 4.0.10
==============

Released: 2021-07-28

Core
^^^^

**Security**

Session ID leak in Graylog DEBUG log file and audit log.

We recently discovered a session ID leak in the Graylog DEBUG log file as well as the audit log. A user can use a session ID to authenticate against Graylog and then this user has access to all the permissions associated with the owner of the session ID.

The ID was printed in DEBUG level log messages (DEBUG is not enabled by default) as well as the Graylog Enterprise Audit Log. By default, the Graylog Audit Log is only logging to the local database and only accessible by Graylog administrators.

We would like to thank David Herbstmann for discovering and responsibly disclosing this vulnerability.


Graylog 4.0.9
=============

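Review bot: In the 4.0.10 **Security** text, "A user can use a session ID to authenticate against Graylog" is ambiguous about who is meant. The exposure is to whoever can read the DEBUG log file or the audit log, so wording such as "anyone with read access to these logs can use a logged session ID to authenticate with the permissions of the session owner" would state the impact more precisely.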
Expand Down Expand Up @@ -418,6 +461,25 @@ Integrations Plugin
- Add PagerDuty event notification plugin. `Graylog2/graylog-plugin-integrations#606 <https://github.com/Graylog2/graylog-plugin-integrations/pull/606>`_


Graylog 3.3.14
==============

Released: 2021-07-28

Core
^^^^

**Security**

Session ID leak in Graylog DEBUG log file and audit log.

We recently discovered a session ID leak in the Graylog DEBUG log file as well as the audit log. A user can use a session ID to authenticate against Graylog and then this user has access to all the permissions associated with the owner of the session ID.

The ID was printed in DEBUG level log messages (DEBUG is not enabled by default) as well as the Graylog Enterprise Audit Log. By default, the Graylog Audit Log is only logging to the local database and only accessible by Graylog administrators.

We would like to thank David Herbstmann for discovering and responsibly disclosing this vulnerability.


Graylog 3.3.13
==============

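Review bot: The 3.3.14 **Security** entry describes the leak but never states what this release changes. "The ID was printed in DEBUG level log messages" is past tense and leaves the fix to inference; add one sentence saying explicitly that, as of 3.3.14, the session ID is no longer written to the DEBUG log or the audit log, if that is what the release does.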
61 changes: 61 additions & 0 deletions pages/enterprise/changelog.rst
Expand Up @@ -2,6 +2,29 @@
Changelog
*********

Graylog Enterprise 4.1.2
========================

Released: 2021-07-28

Enterprise
----------

**Security**

Session ID leak in Graylog DEBUG log file and audit log.

We recently discovered a session ID leak in the Graylog DEBUG log file as well as the audit log. A user can use a session ID to authenticate against Graylog and then this user has access to all the permissions associated with the owner of the session ID.

The ID was printed in DEBUG level log messages (DEBUG is not enabled by default) as well as the Graylog Enterprise Audit Log. By default, the Graylog Audit Log is only logging to the local database and only accessible by Graylog administrators.

We would like to thank David Herbstmann for discovering and responsibly disclosing this vulnerability.

**Fixed**

- Fix license check issue in LogView widget. `Graylog2/graylog2-server#10940 <https://github.com/Graylog2/graylog2-server/issues/10940>`_ `Graylog2/graylog-plugin-enterprise#2449 <https://github.com/Graylog2/graylog-plugin-enterprise/issues/2449>`_


Graylog Enterprise 4.1.1
========================

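Review bot: "By default, the Graylog Audit Log is only logging to the local database" in the Enterprise 4.1.2 entry implies a non-default setup in which audit entries go somewhere else, yet the notice gives operators of such a setup nothing to act on. Suggest naming the setting involved and stating what those installations should review. The sentence would also read more cleanly as "By default, the Graylog Audit Log only logs to the local database and is only accessible to Graylog administrators."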
Expand Down Expand Up @@ -62,6 +85,25 @@ Enterprise Integrations Plugin
- Add URLhaus lookup data adapter.


Graylog Enterprise 4.0.10
=========================

Released: 2021-07-28

Enterprise
----------

**Security**

Session ID leak in Graylog DEBUG log file and audit log.

We recently discovered a session ID leak in the Graylog DEBUG log file as well as the audit log. A user can use a session ID to authenticate against Graylog and then this user has access to all the permissions associated with the owner of the session ID.

The ID was printed in DEBUG level log messages (DEBUG is not enabled by default) as well as the Graylog Enterprise Audit Log. By default, the Graylog Audit Log is only logging to the local database and only accessible by Graylog administrators.

We would like to thank David Herbstmann for discovering and responsibly disclosing this vulnerability.


Graylog Enterprise 4.0.9
========================

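Review bot: The three **Security** paragraphs in the Enterprise 4.0.10 section are a verbatim copy of those added for Enterprise 4.1.2 above and for the three releases in pages/changelog.rst. Six hand-maintained copies will drift as soon as the wording is corrected in one place; consider keeping the notice in a single file and pulling it in with an ``.. include::`` directive, or pointing each release section at one shared advisory entry.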
Expand Down Expand Up @@ -234,6 +276,25 @@ Enterprise Integrations Plugin
- Script event notification plugin to replace the legacy script alarm callback plugin.


Graylog Enterprise 3.3.14
=========================

Released: 2021-07-28

Enterprise
----------

**Security**

Session ID leak in Graylog DEBUG log file and audit log.

We recently discovered a session ID leak in the Graylog DEBUG log file as well as the audit log. A user can use a session ID to authenticate against Graylog and then this user has access to all the permissions associated with the owner of the session ID.

The ID was printed in DEBUG level log messages (DEBUG is not enabled by default) as well as the Graylog Enterprise Audit Log. By default, the Graylog Audit Log is only logging to the local database and only accessible by Graylog administrators.

We would like to thank David Herbstmann for discovering and responsibly disclosing this vulnerability.


Graylog Enterprise 3.3.13
=========================

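Review bot: The Enterprise 3.3.14 notice says nothing about data written before the upgrade: DEBUG log files and audit log entries produced by earlier versions may still contain session IDs. Add a short paragraph after "The ID was printed in DEBUG level log messages ..." telling administrators what to do, for example checking whether DEBUG logging was ever enabled, restricting or purging the affected log files, and ending active sessions.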
