github opendistro-for-elasticsearch/security v1.9.0.2
Release v1.9.0.2

latest releases: v1.13.1.0, v1.13.1.0-tesingPluginRenaming, v1.13.1.0-rc2...
4 years ago

Install

  • To install plugin navigate to the Elasticsearch home directory and run
    sudo bin/elasticsearch-plugin install https://d3g5vo6xdbdb9a.cloudfront.net/downloads/elasticsearch-plugins/opendistro-security/opendistro_security-1.9.0.2.zip

Enhancements

  • Remove cluster monitor check from audit transport check (#653)
  • Enable or disable check for all audit REST and transport categories (#645)
  • Add ability for plugins to inject roles (#560)

Bug fixes

  • Remove exception details from responses (#667)
  • Adding onelogin loadXML util helper to prevent XXE attacks (#659)
  • Add non-null to store even non-default values in serialization (#652)
  • Refactor opendistro_security_action_trace logger (#609)
  • Fail on invalid rest and transport categories (#638)
  • Correct a typo in the Readme file. (#607)
  • Fix AccessControlException during HTTPSamlAuthenticator initialization. (#626)
  • Remove unnecessary check of remote address for null (#616)
  • Prevent hidden roles from being added via rolesmapping and internalusers API (#614)

Maintenance

  • Close AuditLog while closing OpenDistroSecurityPlugin and unregister shutdown hook when closing AuditLogImpl. (#663)
  • Fix unit tests failures in HTTPSamlAuthenticatorTest (#664)
  • Add copyright headers for audit classes (#644)
  • Clean up rest and transport header filtering (#637)
  • Upgrade jackson-databind to 2.11.2 (#618)

Don't miss a new security release

NewReleases is sending notifications on new releases.