Security Bug Fix Release: Search Guard 52.6

We are releasing today a new security bug fix release for Search Guard 52. It fixes a security issue which affects only users who are using filter-level DLS.

Filter-level DLS was introduced in Search Guard 52.0; in the default configuration, it is only active when you are using term-lookup queries as DSL queries in the sg_roles.yml file. Alternatively, it can be enabled using the configuration option searchguard.dls.mode: filter_level.

If you are using filter-level DLS, we are strongly recommending to update soon to Search Guard 52.6.

Search Guard (®) is an Elasticsearch plugin that offers encryption, authentication, and authorization.

Coded with love in Berlin, Denmark, Sweden, Italy, Ukraine and the US.

Search Guard is a trademark of floragunn GmbH, registered in the U.S. and in other countries.

Elasticsearch, Kibana, Logstash, and Beats are trademarks of Elasticsearch BV, registered in the U.S. and in other countries.