Elasticsearch version 7.10.2edit

Also see Breaking changes in 7.10.

Security updatesedit

  • An information disclosure flaw was found in the Elasticsearch async search API. Users who execute an async search will store the HTTP headers. A user with the ability to read the .tasks index could obtain sensitive request headers of other users in the cluster. All versions of Elasticsearch between 7.7.0 and 7.10.1 are affected by this flaw. You must upgrade to Elasticsearch version 7.10.2 to obtain the fix. CVE-2021-22132

Known issuesedit

  • Snapshot and restore: If an index is deleted while the cluster is concurrently taking more than one snapshot then there is a risk that one of the snapshots may never complete and also that some shard data may be lost from the repository, causing future restore operations to fail. To mitigate this problem, set snapshot.max_concurrent_operations: 1 to prevent concurrent snapshot operations:

    PUT _cluster/settings
      "persistent" : {
        "snapshot.max_concurrent_operations" : 1

    This issue is fixed in Elasticsearch versions 7.13.1 and later. It is not possible to repair a repository once it is affected by this issue, so you must restore the repository from a backup, or clear the repository by executing DELETE _snapshot/<repository name>/*, or move to a fresh repository. For more details, see #73456.

  • Parsing a request when the last element in an array is filtered out (for instance using _source_includes) fails. This is due to a bug in Jackson parser. Fixed in Elasticsearch 8.6.1 (#91456)

Bug fixesedit

  • Fix early trimming of in-flight data #66493
  • Fix the earliest last modified age of translog issue. #64753
  • Fix the version and term field initialization error of NoOpResult #66269 (issue: #66267)
Features/Data streams
  • Allow more legit cases in Metadata.Builder.validateDataStreams #65791
  • Make FilterAllocationDecider totally ignore tier-based allocation settings #67019 (issue: #66679)
  • Fix whitespace as a separator in CSV processor #67045 (issue: #67013)
  • Fix bug where fvh fragments could be loaded from wrong doc #65641 (issues: #60179, #65533)
  • Create AllocationDeciders in the main method of the ILM step #65037 (issue: #64529)
  • Fix cat tasks api params in spec and handler #66272 (issue: #59493)
  • Mark Cat Tasks API as experimental in rest-api-spec #66536 (issues: #51628, #65823)
  • Mark Task APIs as experimental in rest-api-spec #65823 (issue: #51628)
  • Fix static inner class resolution in Painless #67027 (issue: #66823)
  • Correctly determine defaults of settings which depend on other settings #65989 (issue: #47890)
  • Do not interpret SecurityException in KeystoreAwareCommand #65366
  • Handle IP type fields extraction with ignore_malformed property #66622 (issue: #66675)
Machine Learning
  • Change to only calculate model size on initial load to prevent slow cache promotions #66451
  • Ensure notify when proxy connections disconnect #65697 (issue: #65443)
  • Fix AbstractClient#execute Listener Leak #65415 (issue: #65405)
  • Abort sorting in case of local agg sort queue overflow #65687 (issue: #65685)
  • Verify filter’s condition type #66268 (issue: #66254)
  • Fix regressions around nested hits and disabled _source #66572 (issues: #60494, #66524)
  • Make sure shared source always represents the top-level root document #66725 (issues: #60494, #66577)
  • Store and use only internal security headers #66365