IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
Kibana 7.7.1
editKibana 7.7.1
editSecurity update
editIn Kibana 5.4.0 and later, TSVB visualizations contain a stored XSS flaw. Attackers that can edit and create TSVB visualizations can obtain sensitive information, or perform destructive actions, on behalf of the Kibana users who edit the TSVB visualization, CVE-2020-7015.
You must upgrade to 7.7.1. If you are unable to upgrade, set metrics.enabled:false
in your kibana.yml file to disable TSVB.
Bug fixes
edit- Alerting
-
- Fixes bug with no possibility to edit the index name after adding #64033
- Corrects validation and errors handling in PagerDuty action #63954
- Fixes saving doc count alerts #63750
- Fixes issue when connectors dropdown not showing all avaliable connectors #63636
- Fixes inability to clear numeric field in a "Group over top docs" condition #63543
- Handles when an Alerting Task fails due to its Alert object being deleted mid flight #63093 APM:
- Encodes spaces when creating ML job #63683
- Canvas
- Dashboard
- Discover
-
- Don’t lose dashboard/visualize/discover state when navigating to other applications #66766
- Lens and visualizations
-
- Fixes redirect on reload #66491
- Timelion graph is not refreshing content after searching or filtering #67023
- Don’t lose dashboard/visualize/discover state when navigating to other applications #66766
- Fixes redirect on reload #66491
- Shows missing values on chart setting #66375
- Usage of custom plugins using the @plugin statement and inline JavaScript in less code used in the TSVB Markdown visualization is not allowed anymore. Using it will simply not apply the styles #65467
- Fixes std deviation band mode #64413
- Reloads on ui state change and fix ui state for tsvb #63699 Machine Learning:
- Fixes watch creation #65956
- Fixes new job wizard with multiple indices #64567
- Fixes optional plugin dependency types #64450
- Ensures both keyword/text types are excluded for selected excluded field #62712
- Management
-
- Fixes an integration issue with the security plugin in Ingest Pipelines and Snapshot and Restore that would incorrectly report requiring security to be enabled when the plugins should work normally without security. This affects the default docker distribution #67308
- Preserves saved object references when saving the object #66584
- Fixes detail panel for indices with % in the name #66435
- Setting dev_tools.enabled: false in kibana.yml will no longer crash Kibana #66276
-
Fixes
mappings
keyword in Index Management plugin (Index detail pane, Mapping tab) https://github.com/elastic/kibana/pull/66012#66012]
- Maps
- Metrics
- Monitoring
- Platform
-
- Allows any type for customResponseHeaders config #66689
- Security
-
- Allows IdP initiated SAML login with session containing expired token #59686
- SIEM
- Uptime
-
- Updates duration chart query filters #63620