WARNING: Version 5.6 of Kibana has passed its EOL date.

This documentation is no longer being maintained and may be removed. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.

« Kibana 5.6.6 Kibana 5.6.4 »
Elastic Docs Kibana User Guide [5.6] Kibana Release Notes

Kibana 5.6.5

edit

Kibana 5.6.5

edit

Security Issues

edit
  • ​Kibana cross site scripting issue (ESA-2017-22): Kibana versions prior to 6.0.1 and 5.6.5 had a cross-site scripting (XSS) vulnerability via URL fields that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. CVE ID: CVE-2017-11481
  • Kibana open redirect flaw (ESA-2017-23) : The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pack installed, Kibana versions before 6.0.1 and 5.6.5 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website. CVE ID: CVE-2017-11482

Users should upgrade to Kibana version 6.0.1 or 5.6.5. There are no known workarounds for these issues.

Bug Fixes

edit
Operations
  • Fixes broken path to babel register #14979
Platform
  • Prepend relative urls #14994
  • Fix: exponent values in table view #15309
  • [eslint] add eslint dev script #14889
  • [dev/ci_setup] generalize jenkins_setup script for other CI environments #15178
Sharing
  • [Fixes #15336] Add parsedUrl to the code driving viz/dashboards #15335
Visualization
  • [Fixes #13436] allows to hide warnings in gauge #15139
  • [Fixes #13947] uses maximum space for arc gauge and center aligns it #15140
  • fixing field formatters for gauge #15145
  • [Fixes #13947] fix metric align and size #15141
« Kibana 5.6.6 Kibana 5.6.4 »