Release notes

7.9.3-21.6

Improvements

  • Reduced the heap and cpu usage when computing a broadcast or index join on a node with more than one shard.

Security fixes

  • Fixed a potential leak of user information across thread contexts. If a user runs a query concurrently with another more privileged user on the same coordinator node, the search could be executed with higher privileges. This could result in an attacker gaining additional permissions against a restricted index. All versions of Federate before 7.11.2-23.0, 7.10.2-22.2, 7.9.3-21.6, 7.6.2-20.2 and 6.8.14-10.3.9 are affected by this flaw. You must upgrade to Federate version 7.11.2-23.0, 7.10.2-22.2, 7.9.3-21.6, 7.6.2-20.2 or 6.8.14-10.3.9 to obtain the fix. [CVE-2021-28938](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28938).

Bug fixes

  • Fixed an issue that caused the Data Streams indices not to be taken into account in search requests.

7.9.3-21.5

Improvements

  • Reduced the data upload latency by improving thread management in the data upload service.

Bug fixes

  • Fixed an issue that caused the filter in the index alias not to be taken into account.

  • Fixed the data output identifier of a table search scan, which impacted negatively on the join resolution and join cache hits.

  • Fixed the maximum concurrent uploads in the segment partitioner collector manager.

  • Removed the DLS header when communicating with a remote Federate cluster and Search Guard to avoid the error, “_sg_dls_query does not match (SG 900D)”.

  • Fixed a concurrent modification that occurred when pruning the query plan.

  • Fixed a bug in Search Guard that caused DLS clauses not to be properly applied on nested documents.

7.9.3-21.4

Improvements

  • Improved performance for broadcast and index join by executing execute the query phase in its own search thread.