Today we are pleased to announce the bug fix release of Elasticsearch 5.1.2, the latest stable release, and Elasticsearch 2.4.4, the latest release in the legacy 2.x series. Both are already available for deployment on Elastic Cloud, our Elasticsearch-as-a-service platform.
All 5.x users are advised to upgrade.
Latest stable release in 5.x:
Latest stable release in 2.x:
Full details of the changes in this release are available in the release notes listed above, but there are a few important changes which are worth singling out:
Document- and field-level security bug in 5.1.1
In some cases, X-Pack 5.1.1 did not properly apply document and field level security to multi-search and multi-get requests so users without access to a document and/or field may have been able to access this information. This vulnerability has been assigned the identifier ESA-2017-01 and only affects X-Pack v5.1.1. Thanks to Sébastien Malinge from Afone Infrastructure for reporting.
Adding or updating a field in an index with many types would decompress, deserialise, update, reserialise, and recompress all types in that index, even those that have not changed. This logic has been changed to only reserialise and recompress types that have changed, which provides a big speedup for users with complicated mappings. This change is also available in Elasticsearch 2.4.4.
Node statistics were being retrieved from the IndexWriter but these stats could be inconsistent, especially under heavy indexing load. This might end up returning bizarre statistics like negative deleted document counts to the master node, which would drop the connection to the node sending the stats and possibly leave the cluster. Now stats are returned from an IndexReader to ensure that they are consistent.
Netty (our networking layer) uses various techniques to try to reduce the amount of garbage it produces (and which needs to be collected). The Netty recycler, however, appears not to recycle frequently enough. This can result in heap exhaustion and out of memory errors, especially on small nodes or big nodes with high throughput. Symptoms include a "fatal error on the network layer", caused by an OOM exception, high GC overhead logging, and high young GC collection logging. We have now disabled the Netty recycler.