Elasticsearch version 7.10.2
editElasticsearch version 7.10.2
editAlso see Breaking changes in 7.10.
Security updates
edit-
An information disclosure flaw was found in the Elasticsearch async search API.
Users who execute an async search will store the HTTP headers.
A user with the ability to read the
.tasks
index could obtain sensitive request headers of other users in the cluster. All versions of Elasticsearch between 7.7.0 and 7.10.1 are affected by this flaw. You must upgrade to Elasticsearch version 7.10.2 to obtain the fix. CVE-2021-22132
Known issues
edit-
Snapshot and restore: If an index is deleted while the cluster is concurrently taking more than one snapshot then there is a risk that one of the snapshots may never complete and also that some shard data may be lost from the repository, causing future restore operations to fail. To mitigate this problem, set
snapshot.max_concurrent_operations: 1
to prevent concurrent snapshot operations:PUT _cluster/settings { "persistent" : { "snapshot.max_concurrent_operations" : 1 } }
This issue is fixed in Elasticsearch versions 7.13.1 and later. It is not possible to repair a repository once it is affected by this issue, so you must restore the repository from a backup, or clear the repository by executing
DELETE _snapshot/<repository name>/*
, or move to a fresh repository. For more details, see #73456.
Bug fixes
edit- EQL
-
- Fix early trimming of in-flight data #66493
- Engine
- Features/Data streams
-
- Allow more legit cases in Metadata.Builder.validateDataStreams #65791
- Features/Features
- Features/Ingest
- Highlighting
- Features/ILM+SLM
- Infra/REST API
- Infra/Scripting
- Infra/Settings
- QL
- Machine Learning
-
- Change to only calculate model size on initial load to prevent slow cache promotions #66451
- Network
- SQL
- Search
- Security
-
- Store and use only internal security headers #66365
- Snapshot/Restore