Elasticsearch version 7.13.4
editElasticsearch version 7.13.4
editAlso see Breaking changes in 7.13.
Security updates
edit- A memory disclosure vulnerability was identified in Elasticsearch’s error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information, such as Elasticsearch documents or authentication details. All versions of Elasticsearch prior to 7.13.4 are affected by this flaw. There is no known workaround for this issue. You must upgrade to Elasticsearch version 7.13.4 to obtain the fix. CVE-2021-22145
Known issues
edit-
Frozen tier: (Windows only) The frozen data tier relies on multiple caching mechanisms to speed up access to searchable snapshot files. One of these caches uses sparse files to avoid creating large files on disk when it is not strictly required. A bug prevented files from being created with the right options to enable sparse support on Windows, leading Elasticsearch to create potentially large files that can end up consuming all the disk space.
This issue is fixed in Elasticsearch versions 7.15.2 and later. There is no known workaround for earlier versions. Filesystems that enable sparse files by default are not affected. For more details, see #79371.
-
Snapshot and restore: If a running snapshot is cancelled while a previously-started snapshot is still ongoing and a later snapshot is enqueued then there is a risk that some shard data may be lost from the repository. This will cause future restore operations to fail. To mitigate this problem, set
snapshot.max_concurrent_operations: 1
to prevent concurrent snapshot operations:PUT _cluster/settings { "persistent" : { "snapshot.max_concurrent_operations" : 1 } }
This issue is fixed in Elasticsearch versions 7.14.1 and later. It is not possible to repair a repository once it is affected by this issue, so you must restore the repository from a backup, or clear the repository by executing
DELETE _snapshot/<repository name>/*
, or move to a fresh repository. For more details, see #75598. -
Parsing a request when the last element in an array is filtered out
(for instance using
_source_includes
) fails. This is due to a bug in Jackson parser. Fixed in Elasticsearch 8.6.1 (#91456) -
The deprecated
index.mapper.dynamic
setting can break your cluster. It can only be set using the Update index settings API. Symptoms include nodes failing to start or shards failing to allocate. Do not use this setting in versions prior to 7.17.22. The bug is fixed in 7.17.22. (issue: #109160)