You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@senssoft.apache.org by "Joshua Poore (JIRA)" <ji...@apache.org> on 2019/01/16 01:18:00 UTC

[jira] [Updated] (SENSSOFT-325) ELK stack <6.5 has known security issues

     [ https://issues.apache.org/jira/browse/SENSSOFT-325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Joshua Poore updated SENSSOFT-325:
----------------------------------
    Description: 
Kibana and Elasticsearch both have known security issues related to code injection and user impersonation. 

[https://www.elastic.co/community/security]

Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there are no breaking changes across the same major version. However, X-Pack plugin must be removed.

Will complete upgrade and test on new branch.

ElasticSearch 6.5:

[https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] 

[https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html]

 

  was:
Kibana and Elasticsearch both have known security issues related to code injection and user impersonation. 

Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there are no breaking changes across the same major version. However, X-Pack plugin must be removed.

Will complete upgrade and test on new branch.


> ELK stack <6.5 has known security issues 
> -----------------------------------------
>
>                 Key: SENSSOFT-325
>                 URL: https://issues.apache.org/jira/browse/SENSSOFT-325
>             Project: SensSoft
>          Issue Type: Bug
>          Components: builds
>    Affects Versions: SensSoft 1.0
>            Reporter: Joshua Poore
>            Assignee: Joshua Poore
>            Priority: Major
>             Fix For: SensSoft 1.0
>
>
> Kibana and Elasticsearch both have known security issues related to code injection and user impersonation. 
> [https://www.elastic.co/community/security]
> Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there are no breaking changes across the same major version. However, X-Pack plugin must be removed.
> Will complete upgrade and test on new branch.
> ElasticSearch 6.5:
> [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] 
> [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html]
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)