Prior to v3.3.3, the certificates of LDAP servers which are connected to using a secure connection (SSL or TLS) were not validated, even if the "Allow self-signed certificates" option was unchecked. Starting with v3.3.3, certificates are validated against the local default keystore. This might introduce a breaking change, depending on your local LDAP settings and the validity of the certificates used (if any). Please ensure that all certificates used are valid, their common name matches the host part of your configured LDAP server and your local keystore contains all CA/intermediate certs required for validation.
A CVE is tracked for this issue.
In 4.0 we introduce a new API endpoint to retrieve streams from the backend: '/streams/paginated' which allows to pass pagination parameters. We therefore mark '/streams' as deprecated. Users who use this endpoint for scripting purpose should change their scripts to the format of the new endpoint, so they only need to to change the URL when '/streams/paginated' will become '/streams'.
Starting with 3.3, the previous Dashboard API was replaced by the views API. Therefore it was moved to a /legacy prefix
and marked for deprecation. Now it is removed altogether.
Starting with 3.3, the previous Saved Searches API was replaced by the views API. Therefore it was moved to a /legacy prefix
and marked for deprecation. Now it is removed altogether.
For 3.3, the pre-views Dashboards & Saved Searches APIs were moved to a /legacy prefix. The new APIs were moved to /dashboards & /search/saved and legacy redirects were created for the previous routes (/views/dashboards & /views/savedSearches).
With 4.0, the legacy redirects (which were marked as being deprecated in 3.3) are removed.
For improved security, Cross-Origin requests towards the API server are now disallowed by default.
In the rare case, that your setup is serving the frontend assets from a different
origin than the server, you can reenable this by with http_enable_cors = true in graylog.conf.