[ https://issues.apache.org/jira/browse/SENSSOFT-325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Joshua Poore updated SENSSOFT-325: ---------------------------------- Description: Kibana and Elasticsearch both have known security issues related to code injection and user impersonation. [https://www.elastic.co/community/security] Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there are no breaking changes across the same major version. However, X-Pack plugin must be removed. Will complete upgrade to E-L-K and test on new branch. ElasticSearch 6.5.4 Docs: [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] [https://www.elastic.co/guide/en/kibana/current/docker.html] [https://www.elastic.co/guide/en/kibana/current/breaking-changes.html] [https://www.elastic.co/guide/en/logstash/current/docker.html] [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] [https://www.elastic.co/guide/en/logstash/current/upgrading-logstash-pqs.html] [https://www.elastic.co/guide/en/logstash/current/config-examples.html] was: Kibana and Elasticsearch both have known security issues related to code injection and user impersonation. [https://www.elastic.co/community/security] Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there are no breaking changes across the same major version. However, X-Pack plugin must be removed. Will complete upgrade to E-L-K and test on new branch. ElasticSearch 6.5: [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] > ELK stack <6.5 has known security issues > ----------------------------------------- > > Key: SENSSOFT-325 > URL: https://issues.apache.org/jira/browse/SENSSOFT-325 > Project: SensSoft > Issue Type: Bug > Components: builds > Affects Versions: SensSoft 1.0 > Reporter: Joshua Poore > Assignee: Joshua Poore > Priority: Major > Fix For: SensSoft 1.0 > > > Kibana and Elasticsearch both have known security issues related to code > injection and user impersonation. > [https://www.elastic.co/community/security] > Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there > are no breaking changes across the same major version. However, X-Pack plugin > must be removed. > Will complete upgrade to E-L-K and test on new branch. > ElasticSearch 6.5.4 Docs: > [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] > [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] > [https://www.elastic.co/guide/en/kibana/current/docker.html] > [https://www.elastic.co/guide/en/kibana/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/docker.html] > [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/upgrading-logstash-pqs.html] > [https://www.elastic.co/guide/en/logstash/current/config-examples.html] > > > > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)