This patch release fixes a critical security issue in Graylog v4.1.2. The information below includes important details about this release.
IMPORTANT NOTE: We recommend that all users of Graylog upgrade as soon as possible.
Hi @dscryber,
it would be nice to include also CVE details with score in security announcements like this.
Good idea, @shoothub . Here are the related CVEs:
- CVE-2021-37759: Graylog Session ID debug log file VDB-179840 · CVE-2021-37759
- CVE-2021-37760: Graylog Session ID log file VDB-179841 · CVE-2021-37760
Thanks @dscryber, if you can also update blog post and changelog in the doc with this information, it would be perfect.
I’ll forward your recommendation to our technical writers.
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.