Elasticsearch version 6.8.17

edit

Elasticsearch version 6.8.17

edit

Also see Breaking changes in 6.8.

Security updates

edit
  • An uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node. All versions of Elasticsearch prior to 6.8.17 are affected by this flaw. You must upgrade to Elasticsearch version 6.8.17 to obtain the fix. CVE-2021-22144

Bug fixes

edit
Features/Ingest
  • Improve circular reference detection in grok processor #74581