github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 17:59:23 -04:00
Code Issues Projects Releases Packages Wiki Activity

Release notes for 5.6.5

Browse source
This commit is contained in:
jimgoodwin 2017-12-06 07:01:04 -05:00
parent 5c5e03a968
commit 1556b4adfd
2 changed files with 32 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/release-notes.asciidoc
View file

@ -5,6 +5,7 @@
--
This section summarizes the changes in each release.
* <<release-notes-5.6.5>>
* <<release-notes-5.6.4>>
* <<release-notes-5.6.3>>
* <<release-notes-5.6.2>>
@ -33,6 +34,7 @@ This section summarizes the changes in each release.
* <<release-notes-5.0.0>>
--
include::release-notes/5.6.5.asciidoc[]
include::release-notes/5.6.4.asciidoc[]
include::release-notes/5.6.3.asciidoc[]
include::release-notes/5.6.2.asciidoc[]

30
docs/release-notes/5.6.5.asciidoc Normal file
View file

@ -0,0 +1,30 @@
[[release-notes-5.6.5]]
== 5.6.5 Release Notes
Also see <<breaking-changes-5.0>>.
[float]
[[security-5.6.5]]
=== Security Issues
* Kibana cross site scripting issue (ESA-2017-22): Kibana versions prior to 6.0.1 and 5.6.5 had a cross-site scripting (XSS) vulnerability via URL fields that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. CVE ID: CVE-2017-11481
* Kibana open redirect flaw (ESA-2017-23) : The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pack installed, Kibana versions before 6.0.1 and 5.6.5 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website. CVE ID: CVE-2017-11482
Users should upgrade to Kibana version 6.0.1 or 5.6.5. There are no known workarounds for these issues.
[float]
[[bug-5.6.5]]
=== Bug fixes
Operations::
* Fixes broken path to babel register {pull}14979[#14979]
Platform::
* Prepend relative urls {pull}14994[#14994]
* Fix: exponent values in table view {pull}15309[#15309]
* [eslint] add eslint dev script {pull}14889[#14889]
* [dev/ci_setup] generalize jenkins_setup script for other CI environments {pull}15178[#15178]
Sharing::
* [Fixes #15336] Add parsedUrl to the code driving viz/dashboards {pull}15335[#15335]
Visualization::
* [Fixes #13436] allows to hide warnings in gauge {pull}15139[#15139]
* [Fixes #13947] uses maximum space for arc gauge and center aligns it {pull}15140[#15140]
* fixing field formatters for gauge {pull}15145[#15145]
* [Fixes #13947] fix metric align and size {pull}15141[#15141]