github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 01:38:56 -04:00
Code Issues Projects Releases Packages Wiki Activity

docs: security fix 5.0.2 release notes

Browse source
This commit is contained in:
Court Ewing 2016-11-29 11:05:39 -05:00
parent ece9e031f9
commit 520d646760
1 changed files with 11 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

11
docs/release-notes/5.0.2.asciidoc
View file

@ -3,6 +3,17 @@
Also see <<breaking-changes-5.0>>.
[float]
[[security-5.0.2]]
=== Security fixes
Kibana 5.0.0 and 5.0.1 were making requests to advanced settings and the short
URL service on behalf of the kibana server rather than the current user, which
means that being authenticated at all was sufficient to have both read and
write access to the advanced settings and short URLs. +
Kibana 5.0.2 now authenticates requests for each service on behalf of the
current user. +
{security}[ESA-2016-10] ({pull}9214[#9214])
[float]
[[bug-5.0.2]]
=== Bug fixes