Release notes

7.11.2-23.0

New features

  • Upgraded to Elasticsearch 7.11.2

  • Enabled the connection of remote Elasticsearch cluster (without Federate plugin) through virtual index creation.

Improvements

  • Improved the documentation for performance considerations, troubleshooting, and information about permissions for APIs.

  • Reduced the heap and CPU usage when computing a broadcast or index join on a node that has more than one shard.

  • Reduced the data upload latency by improving thread management in the data upload service.

Breaking changes

Following the upgrade to Elasticsearch 7.11, the connectors to external JDBC datasources have been removed and replaced by a unique and generic Avatica JDBC connector. It is no longer possible to create a virtual index over a JDBC datasource. Instead, it is now recommended to index data from JDBC datasources through the Ingestion API. For more information, see Configuring a JDBC-enabled node.

Security fixes

Fixed a potential leak of user information across thread contexts. If a user runs a query concurrently with another more privileged user on the same coordinator node, the search could be executed with higher privileges. This could result in an attacker gaining additional permissions against a restricted index. All versions of Federate before 7.11.2-23.0, 7.10.2-22.2, 7.9.3-21.6, 7.6.2-20.2 and 6.8.14-10.3.9 are affected by this flaw. You must upgrade to Federate version 7.11.2-23.0, 7.10.2-22.2, 7.9.3-21.6, 7.6.2-20.2 or 6.8.14-10.3.9 to obtain the fix. CVE-2021-28938.

Bug fixes

  • Fixed a planner exception and an illegal access error in the inner join scenario (1 & 2), which was detected during benchmark testing.

  • Fixed a missing configuration type exception on the API that is used to define a virtual index.

  • Fixed the data output identifier of a table search scan, which impacted negatively on the join resolution and join cache hits.

  • Fixed the maximum concurrent uploads in the segment partitioner collector manager.

  • Fixed an issue that caused the filter in the index alias not to be taken into account.

  • Fixed an issue that caused the Data Streams indices not to be taken into account in search requests.

  • Fixed a bug in the Search Guard support code that caused DLS clauses not to be properly applied on nested documents.