20 April 2017 Releases

Kibana 5.3.1 released

By Court Ewing

Kibana version 5.3.1 is released, and it includes a couple of important bug fixes and a fix for an open redirect vulnerability in X-Pack security. Shield version 2.4.5 for Kibana has also been released with a fix for the same vulnerability.

With X-Pack installed, Kibana versions before 5.3.1 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website. Shield versions in Kibana prior to 2.4.5 are also vulnerable. ESA-2017-04. Users are encouraged to update immediately.

Other bug fixes in 5.3.1

  • Dashboards no longer trigger an error when top hits aggregations are present with no matching data #10905
  • Fixed regression where certain unsaved dashboard links, including links to a dashboard in edit mode, no longer worked #11062
  • Saved object import will no longer occasionally fail due to visualizations being imported before searches #10740
  • Improved error messages when no indices match the default index pattern #10788
  • Time ranges no longer overlap when using the time based navigation controls #11131