Security Bug Fix Release: Search Guard 52.6

We are releasing today a new security bug fix release for Search Guard 52. It fixes a security issue which affects only users who are using filter-level DLS.

Filter-level DLS was introduced in Search Guard 52.0; in the default configuration, it is only active when you are using term-lookup queries as DSL queries in the sg_roles.yml file. Alternatively, it can be enabled using the configuration option searchguard.dls.mode: filter_level.

If you are using filter-level DLS, we are strongly recommending to update soon to Search Guard 52.6.

Search Guard (®) is an Elasticsearch plugin that offers encryption, authentication, and authorization.

Coded with love in Berlin, Denmark, Sweden, Italy, Ukraine and the US.

Search Guard is a trademark of floragunn GmbH, registered in the U.S. and in other countries.

Elasticsearch, Kibana, Logstash, and Beats are trademarks of Elasticsearch BV, registered in the U.S. and in other countries.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.