add release notes for Shield 1.3.2

Original commit: elastic/x-pack-elasticsearch@f4f3101aa2
This commit is contained in:
jaymode 2015-08-07 14:38:40 -04:00
parent 3876bde0c2
commit 85eeeab88a
1 changed files with 17 additions and 2 deletions

View File

@ -41,9 +41,19 @@ version of Shield. We recommend copying the changes listed below to your `roles.
[[changelist]] [[changelist]]
=== Change List === Change List
[float]
==== 1.3.2
.bug fixes
* When using the <<ldap-user-search,LDAP user search>> mechanism, connection errors during startup no longer cause the node to stop.
* The <<cache-eviction-api,Cache Eviction API>> no longer generates invalid JSON.
* The <<audit-index,index output for auditing>> starts properly when forwarding the audit events to a remote cluster and uses
the correct user to index the audit events.
[float] [float]
==== 1.3.1 ==== 1.3.1
.bug fixes
* Fixes <<enable-message-authentication,message authentication>> serialization to work with Shield 1.2.1 and earlier. * Fixes <<enable-message-authentication,message authentication>> serialization to work with Shield 1.2.1 and earlier.
** NOTE: if you are upgrading from Shield 1.3.0 or Shield 1.2.2 a {ref}/setup-upgrade.html#restart-upgrade[cluster restart upgrade] ** NOTE: if you are upgrading from Shield 1.3.0 or Shield 1.2.2 a {ref}/setup-upgrade.html#restart-upgrade[cluster restart upgrade]
will be necessary. When upgrading from other versions of Shield, follow the normal <<upgrade-instructions,upgrade procedure>>. will be necessary. When upgrading from other versions of Shield, follow the normal <<upgrade-instructions,upgrade procedure>>.
@ -64,14 +74,12 @@ will be necessary. When upgrading from other versions of Shield, follow the norm
have been hashed with `bcrypt` and are not affected. have been hashed with `bcrypt` and are not affected.
.enhancements .enhancements
* TLS 1.2 is now the default protocol. * TLS 1.2 is now the default protocol.
* Clients that do not support pre-emptive basic authentication can now support both anonymous and authenticated access * Clients that do not support pre-emptive basic authentication can now support both anonymous and authenticated access
by specifying the `shield.authc.anonymous.authz_exception` <<anonymous-access,setting>> with a value of `false`. by specifying the `shield.authc.anonymous.authz_exception` <<anonymous-access,setting>> with a value of `false`.
* Reduced logging for common SSL exceptions, such as a client closing the connection during a handshake. * Reduced logging for common SSL exceptions, such as a client closing the connection during a handshake.
.bug fixes .bug fixes
* The `esusers` and `syskeygen` tools now work correctly with environment variables in the RPM and DEB installation * The `esusers` and `syskeygen` tools now work correctly with environment variables in the RPM and DEB installation
environment files `/etc/sysconfig/elasticsearch` and `/etc/default/elasticsearch`. environment files `/etc/sysconfig/elasticsearch` and `/etc/default/elasticsearch`.
* Default ciphers no longer include `TLS_DHE_RSA_WITH_AES_128_CBC_SHA`. * Default ciphers no longer include `TLS_DHE_RSA_WITH_AES_128_CBC_SHA`.
@ -79,6 +87,7 @@ will be necessary. When upgrading from other versions of Shield, follow the norm
[float] [float]
==== 1.2.3 ==== 1.2.3
.bug fixes
* Fixes <<enable-message-authentication,message authentication>> serialization to work with Shield 1.2.1 and earlier. * Fixes <<enable-message-authentication,message authentication>> serialization to work with Shield 1.2.1 and earlier.
** NOTE: if you are upgrading from Shield 1.2.2 a {ref}/setup-upgrade.html#restart-upgrade[cluster restart upgrade] ** NOTE: if you are upgrading from Shield 1.2.2 a {ref}/setup-upgrade.html#restart-upgrade[cluster restart upgrade]
will be necessary. When upgrading from other versions of Shield, follow the normal <<upgrade-instructions,upgrade procedure>>. will be necessary. When upgrading from other versions of Shield, follow the normal <<upgrade-instructions,upgrade procedure>>.
@ -86,6 +95,7 @@ will be necessary. When upgrading from other versions of Shield, follow the norm
[float] [float]
==== 1.2.2 ==== 1.2.2
.bug fixes
* The `esusers` tool no longer warns about missing roles that are properly defined in the `roles.yml` file. * The `esusers` tool no longer warns about missing roles that are properly defined in the `roles.yml` file.
* The period character, `.`, is now allowed in usernames and role names. * The period character, `.`, is now allowed in usernames and role names.
* The {ref}/query-dsl-terms-filter.html#_caching_19[terms filter lookup cache] has been disabled to ensure all requests * The {ref}/query-dsl-terms-filter.html#_caching_19[terms filter lookup cache] has been disabled to ensure all requests
@ -98,17 +108,20 @@ will be necessary. When upgrading from other versions of Shield, follow the norm
[float] [float]
==== 1.2.1 ==== 1.2.1
.bug fixes
* Several bug fixes including a fix to ensure that {ref}/disk.html[Disk-based Shard Allocation] * Several bug fixes including a fix to ensure that {ref}/disk.html[Disk-based Shard Allocation]
works properly with Shield works properly with Shield
[float] [float]
==== 1.2.0 ==== 1.2.0
.enhancements
* Adds support for Elasticsearch 1.5 * Adds support for Elasticsearch 1.5
[float] [float]
==== 1.1.1 ==== 1.1.1
.bug fixes
* Several bug fixes including a fix to ensure that {ref}/disk.html[Disk-based Shard Allocation] * Several bug fixes including a fix to ensure that {ref}/disk.html[Disk-based Shard Allocation]
works properly with Shield works properly with Shield
@ -139,12 +152,14 @@ for more information.
[float] [float]
==== 1.0.2 ==== 1.0.2
.bug fixes
* Filter out sensitive settings from the settings APIs * Filter out sensitive settings from the settings APIs
* Significant memory footprint reduction of internal data structures * Significant memory footprint reduction of internal data structures
[float] [float]
==== 1.0.1 ==== 1.0.1
.bug fixes
* Fixed dependency issues with Elasticsearch 1.4.3 and (Lucene 4.10.3 that comes with it) * Fixed dependency issues with Elasticsearch 1.4.3 and (Lucene 4.10.3 that comes with it)
* Fixed bug in how user roles were handled. When multiple roles were defined for a user, and one of the * Fixed bug in how user roles were handled. When multiple roles were defined for a user, and one of the
roles only had cluster permissions, not all privileges were properly evaluated. roles only had cluster permissions, not all privileges were properly evaluated.