This is a bug fix release including a security update for our Graylog Operations (formerly Enterprise) and Security customers using OIDC support with Google. If you are not using OIDC support for Google, or you are running Graylog Open Source or a version prior to Graylog 4.2 you DO NOT need to upgrade to this version.
The new release includes the ability to set the hd authentication parameter on the OIDC Authentication pages to restrict access to members of your G Suite domain. You must set this parameter to restrict access.
If you are running self-managed publicly available Graylog instances, we strongly recommend you upgrade your Graylog instance and set this parameter. However, everyone using OIDC support with Google should take this extra step as a security precaution.
Many thanks to our community for reporting issues and contributing fixes.
DOWNLOAD LINKS
Tarballs (manual installation):
- Graylog Server
- Graylog Enterprise Server
- Graylog Enterprise Plugin
- Graylog Integrations Plugin
- Graylog Enterprise Integrations Plugin
GRAYLOG FORWARDER
Tarball (manual installation):
OS Packages
Docker image:
- Docker Hub
- docker pull graylog/graylog-forwarder:4.8-1
Please report bugs and any other issues in our GitHub issue tracker. Thank you!
GRAYLOG OPERATIONS 4.3.5
Released: 2022-08-09
Operations
Added
- Add custom OIDC claims in the OIDC authentication backend configuration. graylog2-plugin-enterprise#3544
OPERATIONS INTEGRATIONS PLUGIN
No changes since 4.3
GRAYLOG 4.3.5
Released: 2022-08-09
CORE
Fixed
- Fix Alert Notification content pack import error. graylog2-server#13197
INTEGRATIONS PLUGIN
No changes since 4.3
CHANGELOGS
Let us know what you’d like to have included in our GitHub issue tracker.
