Skip to content

Releases: opensearch-project/security

Release v1.9.0.1

30 Jul 18:19
@github-actions github-actions
v1.9.0.1
70994ee
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Release v1.9.0.1

Enhancements

  • Hot reloading audit configuration (#409)
  • Add configuration for REST API whitelisting (#520)
  • Implement ability to configure readonly fields for audit configuration (#559)
  • Decrypt SAML assertions (#539)
  • Add REST API method to audit logging (#589)
  • Log index event requests on transport layer (#588)
  • Added kibana attribute to security config which will be used by tenantinfo api. (#514)
  • Log granted privileges on REST layer if user has access to opendistro APIs (#594)

Bug fixes

  • Fix broken link to security configuration page (#558)
  • Make sure Internal users API supports adding reserved opendistrosecurityroles
    (by superuser). Do not filter out reserved roles in the InternalUsersModelV7 (#556)
  • Removing hidden/reserved roles added via roles mapping (#586)

Maintenance

  • Refactoring: moved getSettingAsSet() method and DEFAULT_DISABLED_CATEGORIES from AuditConfig to ConfigConstants. (#543)
  • Introduced method to construct AuditCategory EnumSet from Settings (#543)
  • Use Jackson to serialize and de-serialize audit configuration (#542)
  • Support "true" and "false" String to boolean conversion in DefaultObjectMapper.getOrDefault() (#548)
  • Removing static ILM action groups (#552)
  • Fix failing NodesDnApiTest#testNodesDnApi (#568)
  • Upgrade Apache CXF to 3.2.14 (#577)
  • Upgrade Apache Kafka Client to 2.5.0 (#584)
  • Upgrade Onelogin Java SAML to 2.5.0 (#585)
  • Upgrade Bouncy Castle to 1.66 (#603)
  • Upgrade OpenSAML SAML Provider Implementations to 3.4.5 (#604)
Loading

Release v1.9.0.0

07 Jul 17:45
@github-actions github-actions
v1.9.0.0
1d007f7
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Release v1.9.0.0

Supported Elasticsearch version 7.8.0

Enhancements

  • Added support for Elasticsearch 7.8.0 (#516)
  • Allow superadmin to update/delete hidden resources (#513)
  • Added metadata_content to SAML config (#477, #495)
  • Implemented put if absent behavior for security config (#402)

Bug fixes

  • Removed the faulty index exists check and have more predictable behavior (#517)
  • Avoid using Basic Authorization header as JWT token (#501)
  • Granted access to all packages under com.sun.jndi (#494)
  • Prevented users from mapping to hidden/reserved opendistro_security_roles (#486)
  • Checked for substitute permissions before attempting to use SafeObjectOutputStream (#478)

Maintenance

  • Updated Maven endpoint URL for deployment (#519)
  • Avoid using reflection to instantiate OpenDistroSecurityFlsDlsIndexSearcherWrapper (#511)
  • Bumped Jackson-databind version (#509)
  • Refactored salt from compliance config into Salt class (#506)
  • Fixed typo in DefaultOpenDistroSecurityKeyStore.java (#502)
  • Refactored to use indexing operation listener for every index module call (#491)
  • Moved compliance ignore users from audit config to compliance config (#484)
  • Removed immutable indices from compliance config (#483)
  • Updated CD workflow to publish artifacts to maven central (#481)
  • Refactored Base64Helper class (#468)
  • Refactored WildcardMatcher (#458)
Loading

Release v1.8.0.0

22 May 16:43
@github-actions github-actions
v1.8.0.0
732cf69
Compare
Choose a tag to compare
Release v1.8.0.0

Supported Elasticsearch version 7.7.0

Enhancements

  • Added support for Elasticsearch 7.7.0 (#361, #461)
  • Implemented migration and validation APIs for version upgrade (#454)

Maintenance

  • Jackson-databind version bump (#406)
Loading

Release v1.7.0.0

05 May 04:19
@github-actions github-actions
v1.7.0.0
d5bf15d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Release v1.7.0.0

Supported Elasticsearch version 7.6.1 (same as Open Distro for Elasticsearch Security plugin version 1.6.0.0)

Changes:

  • Implemented APIs and datamodel to configure nodes_dn dynamically #445 (backported from master #362)
  • Performance improvement by memorizing results of resolveIndexPatterns for Bulk requests (backported from master #309)
  • Performance improvement by implementing faster version of implies type perm #302
  • Enabled limited OpenSSL support
  • Changed file permissions for securityconfig and tools #387
  • Fixed bug which caused user to lose roles on account password update #333
  • Refactored to use Greenrobot EventBus #445 (backported from master #370)
  • Refactored Resolved class, dropped unused fields and simplified logic (backported from master #310)
  • Refactored audit logging related classes #445 (backported from master #303, #445, #306, #373, #368)
Loading

Release v1.6.0.0

25 Mar 22:47
@github-actions github-actions
v1.6.0.0
378a7bb
Compare
Choose a tag to compare
Release v1.6.0.0

Changes:

  • Support Elasticsearch 7.6.1 #292
  • [Optimization] Implement faster version of implies type perm #198
  • Adding capability to hot reload ssl certificates #263
  • Added SuperAdmin check to allow update/delete/add of reserved config #242 (ported to master via #248 )
  • Fix to use inner channel when channel is not direct or transport type #234 (ported to master via #248 )
  • Fix for modifying user backend-roles without giving password #225 (ported to master via #248 )
Loading

Release v1.5.0.1

12 Mar 08:29
@github-actions github-actions
v1.5.0.1
0081f4d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Release v1.5.0.1
  • Adding capability to hot reload ssl certificates
  • Added changes for SuperAdmin to update/add/delete reserved configs
Loading

Release v0.10.1.1

12 Mar 08:28
@github-actions github-actions
v0.10.1.1
64e3c07
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Release v0.10.1.1
  • Adding capability to hot reload ssl certificates
  • Added changes for SuperAdmin to update/add/delete reserved configs
Loading

Release v1.5.0.0

12 Mar 08:31
@github-actions github-actions
v1.5.0.0
f05a67e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Release v1.5.0.0

Support for Elasticsearch 7.5.2

Loading

Version 1.1.0.0

11 Sep 20:55
@NihalHarish NihalHarish
v1.1.0.0
0e2d3ae
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Version 1.1.0.0
  • Support for Elasticsearch 7.1
  • No major changes
  • Version upgrade in pom file
Loading

Version 0.9.0.1

16 Jul 21:48
@NihalHarish NihalHarish
v0.9.0.1
c3ee4ce
Compare
Choose a tag to compare
Version 0.9.0.1
  • Improvements to Opendistro-For-Elasticsearch Security 0.9.0.0
  • Elasticsearch version target: oss-6.7.1
Loading