Appliance updates: POODLE - HTML highlighting - Manual updates
Posted: Fri Oct 31, 2014 1:46 pm
Three updates are now available for the appliance: texis-7.02.1414..., texisScripts-11.0.0, and applianceman-11.0.0. They are available via the System -> System Setup - Update Software menu.
Most notably, these updates provide some POODLE vulnerability fixes, and add within-HTML highlighting of search query terms (if Cache Content enabled).
texis-7.02.1414... provides the following:
* Support for improved RSS feed content indexing
* Fixed potential duplicate meta information from anytotx/plugin-processed files with multiple parts (e.g. mail messages) when Plugin Split is off. Was work-around, no longer needed due to Plugin Split improvements.
* Expanded error message for `State query string exceeds limit ...' message
* `Internal error: set ... returned same hit multiple times ...' message was sometimes occurring erroneously
* Beta release of support for Microsoft Outlook .pst mail folders (x86_64 appliances only)
texisScripts-11.0.0 provides:
* Hit highlighting within HTML cached content now supported (if Cache Content enabled)
* Software updates can now be applied manually to firewalled/intranetted appliances, via System -> Advanced Tools -> Upload Thunderstone Updates Manually menu item (after obtaining updates from Thunderstone)
* `Error translating via anytotx errors' now separated one per line in admin GUI
* Profiles are no longer listed for admins without permission to read them
* Plugin Split with Pages non-empty was sometimes not creating URLs for some parts, and/or assigning text for one part to another, if some parts were empty (e.g. due to anytotx error)
* Description/Keywords/Meta may have been lost from sub-parts of plugin processed documents (i.e. documents within zip files). Multiply-occurring meta headers may have been lost (or last one duplicated) for plugin processed documents.
* Added X-UA-Compatible header to prevent Internet Explorer from incorrectly using a legacy rendering engine
* SSLv3 now disabled by default in All Walk Settings -> SSL Client Protocols, due to vulnerability CVE-2014-3566 (POODLE). SSLv2 also disabled due to historically-known insecurity. Both should be avoided if possible. Note that this setting only affects appliance <-> web server connections during crawls. Appliance <-> browser (e.g. admin GUI connections) and other HTTPS connections are affected by System Wide Settings -> HTTPS/SSL Protocols, which should also have SSLv2 and SSLv3 turned off. Existing profiles should have SSLv2/SSLv3 turned off as well.
applianceman-11.0.0 brings the documentation up to date.
Most notably, these updates provide some POODLE vulnerability fixes, and add within-HTML highlighting of search query terms (if Cache Content enabled).
texis-7.02.1414... provides the following:
* Support for improved RSS feed content indexing
* Fixed potential duplicate meta information from anytotx/plugin-processed files with multiple parts (e.g. mail messages) when Plugin Split is off. Was work-around, no longer needed due to Plugin Split improvements.
* Expanded error message for `State query string exceeds limit ...' message
* `Internal error: set ... returned same hit multiple times ...' message was sometimes occurring erroneously
* Beta release of support for Microsoft Outlook .pst mail folders (x86_64 appliances only)
texisScripts-11.0.0 provides:
* Hit highlighting within HTML cached content now supported (if Cache Content enabled)
* Software updates can now be applied manually to firewalled/intranetted appliances, via System -> Advanced Tools -> Upload Thunderstone Updates Manually menu item (after obtaining updates from Thunderstone)
* `Error translating via anytotx errors' now separated one per line in admin GUI
* Profiles are no longer listed for admins without permission to read them
* Plugin Split with Pages non-empty was sometimes not creating URLs for some parts, and/or assigning text for one part to another, if some parts were empty (e.g. due to anytotx error)
* Description/Keywords/Meta may have been lost from sub-parts of plugin processed documents (i.e. documents within zip files). Multiply-occurring meta headers may have been lost (or last one duplicated) for plugin processed documents.
* Added X-UA-Compatible header to prevent Internet Explorer from incorrectly using a legacy rendering engine
* SSLv3 now disabled by default in All Walk Settings -> SSL Client Protocols, due to vulnerability CVE-2014-3566 (POODLE). SSLv2 also disabled due to historically-known insecurity. Both should be avoided if possible. Note that this setting only affects appliance <-> web server connections during crawls. Appliance <-> browser (e.g. admin GUI connections) and other HTTPS connections are affected by System Wide Settings -> HTTPS/SSL Protocols, which should also have SSLv2 and SSLv3 turned off. Existing profiles should have SSLv2/SSLv3 turned off as well.
applianceman-11.0.0 brings the documentation up to date.