Fleet and Elastic Agent 8.10.3

edit

Review important information about the Fleet and Elastic Agent 8.10.3 release.

Security updates

edit
  • Fleet Server Insertion of Sensitive Information into Log File (ESA-2023-20)

    An issue was discovered in Fleet Server >= v8.10.0 and < v8.10.3 where Agent enrollment tokens are being inserted into the Fleet Server’s log file in plain text.

    These enrollment tokens could allow someone to enroll an agent into an agent policy, and potentially use that to retrieve other secrets in the policy including for Elasticsearch and third-party services. Alternatively a threat actor could potentially enroll agents to the clusters and send arbitrary events to Elasticsearch.

    The issue is resolved in 8.10.3.

    For more information, see our related security announcement.

Known issues

edit

The known issue that prevents successful upgrades in an air-gapped environment for Elastic Agent versions 8.9.0 to 8.10.2 has been resolved in this release. If you’re using an air-gapped environment, we recommend installing version 8.10.3 or any higher version to avoid not being unable to upgrade.

Enhancements

edit
Elastic Agent
  • Improve Elastic Agent uninstall on Windows by adding delay between retries when file removal is blocked by busy files #3431 #3221

Bug fixes

edit
Fleet
  • Fix incorrect index template used from the data stream name (#166941)
  • Increase package install max timeout limit and add concurrency control to rollovers (#166775)
  • Fix bulk action dropdown (#166475)
Elastic Agent
  • Resilient handling of air gapped PGP checks. Elastic Agent should not fail when remote PGP is specified (or official Elastic fallback PGP is used) and remote is not available #3427 #3426 #3368