8.10.3 release notes
edit8.10.3 release notes
editUpgrading to Enterprise Search 8.10.3? See Upgrading and migrating.
Security updates
edit-
Elastic Sharepoint Online Python Connector Improper Access Control (ESA-2023-18)
An issue was discovered when using Document Level Security and the SPO "Limited Access" functionality in Elastic Sharepoint Online Python Connector.
If a user is assigned limited access permissions to an item on a Sharepoint site then that user would have read permissions to all content on the Sharepoint site through Elasticsearch.
The issue is resolved in 8.10.3.
For more information, see our related security announcement.
Bug fixes
edit- Fixed an issue where SharePoint Online document-level security was based on User Information Lists, rather than Role Assignments.
- Fixed a bug in the SharePoint Online connector where sync jobs would occasionally continue running despite being canceled. Now, sync jobs will be given a 5 second grace period to terminate smoothly, before they are forced to terminate.
- Fixed a bug introduced in 8.10.0 where converting native connectors to connector clients was broken.