IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
Elastic Cloud Enterprise 2.13.3edit
The following changes are included in this release.
Enhancementsedit
Update nimbus-jose-jwt to 9.31. Various fixes and enhancements.
Bump Jackson version to 2.9.10.8. This version brings fixes for a large number of CVEs:
-
"Gadget"-deserialisation-related:
- CVE-2020-10968
- CVE-2020-14061
- CVE-2020-14062
- CVE-2020-14195
- CVE-2020-36184
- CVE-2020-36182
- CVE-2020-35728
- CVE-2020-11619
- CVE-2020-36185
- CVE-2020-35490
- GHSA-58pp-9c76-5625
- CVE-2020-36186
- CVE-2020-36187
- GHSA-5949-rw7g-wx7w
- GHSA-v3xw-c963-f5hc
- CVE-2020-24616
- GHSA-r3gr-cxrf-hg25
- CVE-2020-36188
- CVE-2020-36180
- GHSA-95cm-88f5-f2c7
- CVE-2020-36189
- CVE-2020-14060
- CVE-2020-36181
- CVE-2020-11620
- CVE-2020-10969
- CVE-2020-36179
- CVE-2020-36183
- CVE-2020-11113
- GHSA-rpr3-cw39-3pxh
- XML XXE.