github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 01:38:56 -04:00
Code Issues Projects Releases Packages Wiki Activity

[DOCS] Re-adds coming macro to release notes (#72087)

Browse source
This commit is contained in:
Lisa Cawley 2020-07-16 11:24:59 -07:00 committed by GitHub
parent ee1f782e03
commit 01c686cb8d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

13
docs/CHANGELOG.asciidoc
View file

@ -101,18 +101,7 @@ This section summarizes the changes in each release.
[[release-notes-6.8.11]]
== {kib} 6.8.11
[float]
[[security-update-6.8.11]]
=== Security updates
* In {kib} 6.8.11 and earlier, there is a denial of service (DoS) flaw in Timelion. Attackers can construct a URL that when viewed by a {kib} user,
the {kib} process consumes large amounts of CPU and becomes unresponsive, CVE-2020-7016.
+
You must upgrade to 6.8.11. If you are unable to upgrade, set `timelion.enabled` to `false` in your kibana.yml file to disable Timelion.
* In all {kib} versions, region map visualizations contain a stored XSS flaw. Attackers that can edit or create region map visualizations can obtain
sensitive information or perform destructive actions on behalf of {kib} users who view the region map visualization, CVE-2020-7017.
+
You must upgrade to 6.8.11. If you are unable to upgrade, set `xpack.maps.enabled`, `region_map.enabled`, and `tile_map.enabled` to `false` in kibana.yml to disable map visualizations.
coming::[6.8.11]
[float]
[[enhancement-v6.8.11]]