Logstash 6.8.15 Release Notes

edit

Logstash 6.8.15 Release Notes

edit

Security update

edit

Certificate verification with internal monitoring. We fixed a bug in the monitoring pipeline that caused it to pass monitoring data to Elasticsearch with certificate verification disabled. Logstash internal monitoring had been sending monitoring metadata (such as pipeline throughput metrics) to Elasticsearch without verifying the recipient. #12749

For information: CVE-2021-22138.