4.1.3

4.1.3

The following issues have been resolved in this release:

• A cross-site scripting vulnerability was resolved in this release. More information about this issue is available on the Splunk Security Portal. (SPL-31736)
• All dashboard panels that are rendered from any scheduled job that was run by the scheduler, appear to get 'last refreshed time' of NaN NaN NaN (SPL-31162)
• Email alert link fails when a saved search is in Japanese. (SPL-31477)
• Japanese strings on Email contents are garbled. (SPL-30670)
• Links from saved search alerts are showing no events. (SPL-31337, SPL-31324)
• Exporting multiline events only writes the first 100 lines to the csv file. (SPL-29261)
• The timeout value for distributed searches has been increased to 100s from 30s. (SPL-31682)
• Various Job Manager behavior inconsistencies (issues with sorting and display) have been resolved and some architectural improvements have been made. (SPL-31605, SPL-28983)
• If client and server are in different timezones, drill-downs create the wrong epochtime timerange. (SPL-31220)
• Splunk doesn't restart listening on port 9997 if TcpInputProc shuts down the port to clear blocked queues. (SPL-31190)
• The time_before_close setting has been reimplemented as a per-input stanza setting in inputs.conf rather than a global setting in limits.conf. Existing settings are still honored, although a warning is logged. (SPL-31340)
• If client and server are in different timezones, drill-downs create the wrong epochtime timerange. (SPL-31220)
• The max_fd setting in limits.conf has been reinstated with a default value of 100 to address issues with monitoring over NFS mounts. (SPL-31518)
• A crash in the parsing queue has been resolved. (SPL-31379)
• A crash in resultproviderworkerthread has been resolved. (SPL-31328, SPL-31768)
• The migration script was altered to cp instead of mv certain files to improve distribution of builds from Perforce. (SPL-31316)
• A search issue producing a "The search job terminated unexpectedly" error has been resolved. (SPL-31255)
• Some improvements were made to the user caching scheme for scripted auth to resolve a session failure issue. (SPL-31248)
• Cloning the "admin" role in Manager wasn't inheriting all the capabilities on installations using LDAP auth. (SPL-31240)
• Number of events from indexing a plain text file is different than from the same file gzipped. (SPL-31093)
• An issue with TcpInputProc disconnecting with "ERROR TcpInputProc - Error encountered for connection" and indexing not beginning until 20-40 minutes from startup has been resolved. (SPL-31032)
• Saved searches spanning multiple lines with \n|\r are not migrated properly. (SPL-30986)
• Server time zone is not being properly applied to flash charts. (SPL-30950)
• 3.4.x to 4.1.x migration displays warning about modules directory that isnt needed. (SPL-30678)
• CLI password is displayed (not trasmitted) in the clear on AIX. (SPL-30503)
• Searches are scheduled & run with SplunkLightForwarder app enabled. (SPL-29224)
• Normal users can use /properties endpoint to create conf files in arbitrary places. (SPL-31793)
• Inability to write to auth token file after running out of disk space means any Splunk cli command results in "unicode-file-writer.c:122: utrans_write_codepoint: Assertion `(ufil->common.encoding & 0xFF) == (0x0004)' failed" error. (SPL-31651)
• Running ./splunk show license segfaults. (SPL-31632)
• A segmentation fault with "Crashing thread: ResultProvider setup for" has been resolved. (SPL-31367)
• Distributed search bundle replication should reap old bundles to save disk space. (SPL-30987)
• Scripted auth examples fail if username/password contain "=" or "--". (SPL-30957)
• Typehead - annoying and (for some) frequent bug where it jumps your cursor to the end of the line. (SPL-29858)

• Was this topic useful?
• Post a comment