We are releasing today a new security bug fix release for Search Guard 52. It fixes a security issue which affects only users who are using filter-level DLS.
Filter-level DLS was introduced in Search Guard 52.0; in the default configuration, it is only active when you are using term-lookup queries as DSL queries in the sg_roles.yml file. Alternatively, it can be enabled using the configuration option searchguard.dls.mode: filter_level.
If you are using filter-level DLS, we are strongly recommending to update soon to Search Guard 52.6.
Search Guard (®) is an Elasticsearch plugin that offers encryption, authentication, and authorization.
Coded with love in Berlin, Denmark, Sweden, Italy, Ukraine and the US.
Search Guard is a trademark of floragunn GmbH, registered in the U.S. and in other countries.
Elasticsearch, Kibana, Logstash, and Beats are trademarks of Elasticsearch BV, registered in the U.S. and in other countries.