We’re happy to announce the 10th Search Guard Release today.
This is a bugfix release which contains an important bugfix for DLS/FLS and Auditlog.
If you use one of this features please upgrade as soon as possible.
Please find more details here: https://github.com/floragunncom/search-guard/wiki/SecurityIssues
Search Guard Version 10:
- Add missing auditlog hooks and configuration properties (#SISG 5)
- Fix possible class cast exception when logging on TRACE level
- Fix XFF Proxies - documentation, default values and implementation inconsistention #255
- Fix Bug in XFFResolver.java - bad type of request #256
- Fix Kerberos configuration examples
- Add username_attribute for http client cert authenticator
- Mark http host authenticator deprecated. Host based authentication is supported via roles_mapping.yml (and was always), #214
- Resolve index patterns correctly for DLS and FLS, changed default indices options to lenientExpandOpen, #266 (#SISG 4)
--diagnose, --delete-config-index and --enable-shard-allocationoptions to sgadmin
- Fix duplicated authorizers (clear authorizers on change)
- Fix ?pretty=true does not work #259
- Fix default permissions in templates
- Fix a problem with
authinfoendpoint if an exception were raised (builder object was left in a dirty state)
- Add missing searchguard.config_index_name property
- Add support for webhooks as auditlog destination
Commercial support is available: https://floragunn.com/searchguard/searchguard-license-support/
Search Guard (®) is an Elasticsearch plugin that offers encryption, authentication and authorisation.
It builds on Search Guard SSL and provides pluggable auth/auth modules in addition.