mirror of
https://github.com/elastic/elasticsearch.git
synced 2025-06-28 17:34:17 -04:00
43 lines
1.3 KiB
Text
43 lines
1.3 KiB
Text
[[release-notes-8.9.2]]
|
|
== {es} version 8.9.2
|
|
|
|
Also see <<breaking-changes-8.9,Breaking changes in 8.9>>.
|
|
|
|
[[known-issues-8.9.2]]
|
|
[float]
|
|
=== Known issues
|
|
include::8.7.1.asciidoc[tag=no-preventive-gc-issue]
|
|
|
|
[float]
|
|
[[security-updates-8.9.2]]
|
|
=== Security updates
|
|
|
|
* {es} generally filters out sensitive information and credentials before
|
|
logging to the audit log. It was found that this filtering was not applied when
|
|
requests to {es} use certain deprecated `_xpack/security` URIs for APIs. The
|
|
impact of this flaw is that sensitive information, such as passwords and tokens,
|
|
might be printed in cleartext in {es} audit logs. Note that audit logging is
|
|
disabled by default and needs to be explicitly enabled. Even when audit logging
|
|
is enabled, request bodies that could contain sensitive information are not
|
|
printed to the audit log unless explicitly configured.
|
|
+
|
|
The issue is resolved in {es} 8.9.2.
|
|
+
|
|
For more information, see our related
|
|
https://discuss.elastic.co/t/elasticsearch-8-9-2-and-7-17-13-security-update/342479[security
|
|
announcement].
|
|
|
|
[[bug-8.9.2]]
|
|
[float]
|
|
=== Bug fixes
|
|
|
|
Data streams::
|
|
* Avoid lifecycle NPE in the data stream lifecycle usage API {es-pull}98260[#98260]
|
|
|
|
Geo::
|
|
* Fix mvt error when returning partial results {es-pull}98765[#98765] (issue: {es-issue}98730[#98730])
|
|
|
|
Ingest Node::
|
|
* Revert "Add mappings for enrich fields" {es-pull}98683[#98683]
|
|
|
|
|