Elasticsearch version 6.8.17edit

Also see Breaking changes in 6.8.

Security updatesedit

  • An uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node. All versions of Elasticsearch prior to 6.8.17 are affected by this flaw. You must upgrade to Elasticsearch version 6.8.17 to obtain the fix. CVE-2021-22144

Bug fixesedit

  • Improve circular reference detection in grok processor #74581