Release notes
7.9.3-21.6
Improvements
-
Reduced the heap and cpu usage when computing a broadcast or index join on a node with more than one shard.
Security fixes
-
Fixed a potential leak of user information across thread contexts. If a user runs a query concurrently with another more privileged user on the same coordinator node, the search could be executed with higher privileges. This could result in an attacker gaining additional permissions against a restricted index. All versions of Federate before 7.11.2-23.0, 7.10.2-22.2, 7.9.3-21.6, 7.6.2-20.2 and 6.8.14-10.3.9 are affected by this flaw. You must upgrade to Federate version 7.11.2-23.0, 7.10.2-22.2, 7.9.3-21.6, 7.6.2-20.2 or 6.8.14-10.3.9 to obtain the fix. [CVE-2021-28938](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28938).
7.9.3-21.5
Improvements
-
Reduced the data upload latency by improving thread management in the data upload service.
Bug fixes
-
Fixed an issue that caused the filter in the index alias not to be taken into account.
-
Fixed the data output identifier of a table search scan, which impacted negatively on the join resolution and join cache hits.
-
Fixed the maximum concurrent uploads in the segment partitioner collector manager.
-
Removed the DLS header when communicating with a remote Federate cluster and Search Guard to avoid the error, “_sg_dls_query does not match (SG 900D)”.
-
Fixed a concurrent modification that occurred when pruning the query plan.
-
Fixed a bug in Search Guard that caused DLS clauses not to be properly applied on nested documents.