Release notes
7.6.2-20.2
Improvements
-
Reduced the heap and cpu usage when computing a broadcast or index join on a node with more than one shard.
-
Reduced the data upload latency by improving thread management in the data upload service.
-
An error is now reported to the user if the
project
clause is used in a scroll context.
Security fixes
-
Fixed a potential leak of user information across thread contexts. If a user runs a query concurrently with another more privileged user on the same coordinator node, the search could be executed with higher privileges. This could result in an attacker gaining additional permissions against a restricted index. All versions of Federate before 7.11.2-23.0, 7.10.2-22.2, 7.9.3-21.6, 7.6.2-20.2 and 6.8.14-10.3.9 are affected by this flaw. You must upgrade to Federate version 7.11.2-23.0, 7.10.2-22.2, 7.9.3-21.6, 7.6.2-20.2 or 6.8.14-10.3.9 to obtain the fix. CVE-2021-28938.
Bug fixes
-
Fixed an issue that caused the filter in the index alias not to be taken into account.
-
Fixed an issue that caused the Data Streams indices not to be taken into account in search requests.
-
Fixed the data output identifier of a table search scan, which impacted negatively on the join resolution and join cache hits.
-
Removed the creation of recurring tasks in the Federate wrapper for the index service.
-
Fixed the maximum concurrent uploads in the segment partitioner collector manager.
-
Removed the cluster state listener when closing the buffer allocator and data staging services.
-
Removed the DLS header when communicating with a remote Federate cluster and Search Guard to avoid the error, "_sg_dls_query does not match (SG 900D)".
-
Fixed a bug in Search Guard that caused DLS clauses not to be properly applied on nested documents.