-
Notifications
You must be signed in to change notification settings - Fork 291
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add release notes for 2.19.0 release (#5072)
Signed-off-by: Craig Perkins <[email protected]>
- Loading branch information
Showing
1 changed file
with
68 additions
and
0 deletions.
There are no files selected for viewing
68 changes: 68 additions & 0 deletions
68
release-notes/opensearch-security.release-notes-2.19.0.0.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,68 @@ | ||
| ## Version 2.19.0 Release Notes | ||
|
|
||
| Compatible with OpenSearch and OpenSearch Dashboards version 2.19.0 | ||
|
|
||
| ### Enhancements | ||
| * Allow skipping hot reload dn validation ([#4839](https://github.com/opensearch-project/security/pull/4839)) | ||
| * Add validation of authority certificates ([#4862](https://github.com/opensearch-project/security/pull/4862)) | ||
| * Add support for certificates hot reload ([#4880](https://github.com/opensearch-project/security/pull/4880)) | ||
| * Optimize privilege evaluation for index permissions across '*' index pattern (i.e. all_access role) ([#4926](https://github.com/opensearch-project/security/pull/4926)) | ||
| * Refactor SafeSerializationUtils for better performance ([#4977](https://github.com/opensearch-project/security/pull/4977)) | ||
| * Optimized Privilege Evaluation: Action privileges ONLY, with feature flag ([#4998](https://github.com/opensearch-project/security/pull/4998)) | ||
| * Implement new extension points in IdentityPlugin and add ContextProvidingPluginSubject ([#5028](https://github.com/opensearch-project/security/pull/5028)) | ||
| * Implement new extension points in IdentityPlugin and add ContextProvidingPluginSubject - legacy authz code path ([#5037](https://github.com/opensearch-project/security/pull/5037)) | ||
| * Ensure that plugin can search on system index when utilizing pluginSubject.runAs ([#5032](https://github.com/opensearch-project/security/pull/5032)) | ||
| * Ensure that plugin can update on system index when utilizing pluginSubject.runAs ([#5055](https://github.com/opensearch-project/security/pull/5055)) | ||
| * add ingest pipeline and indices related permissions for anomaly_full_access role ([#5069](https://github.com/opensearch-project/security/pull/5069)) | ||
| * Added roles for ltr read and full access ([#5070](https://github.com/opensearch-project/security/pull/5070)) | ||
|
|
||
| ### Bug Fixes | ||
| * Fix issue with jwt attribute parsing of lists ([#4885](https://github.com/opensearch-project/security/pull/4885)) | ||
| * Log io.netty.internal.tcnative.SSLContext availability warning only when OpenSSL is explicitly enabled but not available ([#4906](https://github.com/opensearch-project/security/pull/4906)) | ||
| * Reduce log level in HttpJwtAuthenticator if request cannot be authenticated ([#4917](https://github.com/opensearch-project/security/pull/4917)) | ||
| * Honor log_request_body setting in compliance audit log ([#4918](https://github.com/opensearch-project/security/pull/4918)) | ||
| * Change log level for log line in OBO Authenticator if OBO is disabled ([#4956](https://github.com/opensearch-project/security/pull/4956)) | ||
| * Set default value for key/trust store type as constant for JDK PKCS setup ([#5003](https://github.com/opensearch-project/security/pull/5003)) | ||
| * Fix SSL config for JDK PKCS setup ([#5033](https://github.com/opensearch-project/security/pull/5033)) | ||
| * Fix Netty4 header verifier inbound handler to deal with upgrade requests ([#5045](https://github.com/opensearch-project/security/pull/5045)) | ||
| * Generate jacoco report for integTestRemote task ([#5050](https://github.com/opensearch-project/security/pull/5050)) | ||
|
|
||
| ### Maintenance | ||
| * Bump org.junit.jupiter:junit-jupiter-api from 5.11.2 to 5.11.3 ([#4856](https://github.com/opensearch-project/security/pull/4856)) | ||
| * Bump ch.qos.logback:logback-classic from 1.5.11 to 1.5.12 ([#4857](https://github.com/opensearch-project/security/pull/4857)) | ||
| * Bump com.google.errorprone:error_prone_annotations from 2.34.0 to 2.35.1 ([#4850](https://github.com/opensearch-project/security/pull/4850)) | ||
| * Bump org.junit.jupiter:junit-jupiter from 5.11.2 to 5.11.3 ([#4861](https://github.com/opensearch-project/security/pull/4861)) | ||
| * Bump Wandalen/wretry.action from 3.5.0 to 3.7.0 ([#4874](https://github.com/opensearch-project/security/pull/4874)) | ||
| * Bump org.checkerframework:checker-qual from 3.48.1 to 3.48.2 ([#4875](https://github.com/opensearch-project/security/pull/4875)) | ||
| * Bump com.nimbusds:nimbus-jose-jwt from 9.41.2 to 9.45 ([#4876](https://github.com/opensearch-project/security/pull/4876)) | ||
| * Bump com.nimbusds:nimbus-jose-jwt from 9.45 to 9.46 ([#4890](https://github.com/opensearch-project/security/pull/4890)) | ||
| * Bump Wandalen/wretry.action from 3.7.0 to 3.7.2 ([#4891](https://github.com/opensearch-project/security/pull/4891)) | ||
| * Bump Zookeeper to 3.9.3 ([#4895](https://github.com/opensearch-project/security/pull/4895)) | ||
| * Bump com.nimbusds:nimbus-jose-jwt from 9.46 to 9.47 ([#4916](https://github.com/opensearch-project/security/pull/4916)) | ||
| * Update Gradle to 8.11 ([#4922](https://github.com/opensearch-project/security/pull/4922)) | ||
| * Update Gradle to 8.11.1 ([#4925](https://github.com/opensearch-project/security/pull/4925)) | ||
| * Bump com.google.googlejavaformat:google-java-format from 1.24.0 to 1.25.0 ([#4933](https://github.com/opensearch-project/security/pull/4933)) | ||
| * Bump Wandalen/wretry.action from 3.7.2 to 3.7.3 ([#4932](https://github.com/opensearch-project/security/pull/4932)) | ||
| * Bump commons-io:commons-io from 2.17.0 to 2.18.0 ([#4935](https://github.com/opensearch-project/security/pull/4935)) | ||
| * Bump io.dropwizard.metrics:metrics-core from 4.2.28 to 4.2.29 ([#4941](https://github.com/opensearch-project/security/pull/4941)) | ||
| * Fix typos ([#4951](https://github.com/opensearch-project/security/pull/4951)) | ||
| * Bump com.carrotsearch.randomizedtesting:randomizedtesting-runner from 2.8.1 to 2.8.2 ([#4962](https://github.com/opensearch-project/security/pull/4962)) | ||
| * Bump org.checkerframework:checker-qual from 3.48.2 to 3.48.3 ([#4958](https://github.com/opensearch-project/security/pull/4958)) | ||
| * Bump org.eclipse.platform:org.eclipse.core.runtime from 3.31.100 to 3.32.0 ([#4964](https://github.com/opensearch-project/security/pull/4964)) | ||
| * Bump org.apache.commons:commons-text from 1.12.0 to 1.13.0 ([#4971](https://github.com/opensearch-project/security/pull/4971)) | ||
| * Bump com.google.googlejavaformat:google-java-format from 1.25.0 to 1.25.2 ([#4972](https://github.com/opensearch-project/security/pull/4972)) | ||
| * Bump org.junit.jupiter:junit-jupiter from 5.11.3 to 5.11.4 ([#4985](https://github.com/opensearch-project/security/pull/4985)) | ||
| * Bump com.nimbusds:nimbus-jose-jwt from 9.47 to 9.48 ([#4986](https://github.com/opensearch-project/security/pull/4986)) | ||
| * Bump com.netflix.nebula.ospackage from 11.10.0 to 11.10.1 ([#4987](https://github.com/opensearch-project/security/pull/4987)) | ||
| * Bump ch.qos.logback:logback-classic from 1.5.12 to 1.5.15 ([#4989](https://github.com/opensearch-project/security/pull/4989)) | ||
| * Bump org.apache.camel:camel-xmlsecurity from 3.22.2 to 3.22.3 ([#4996](https://github.com/opensearch-project/security/pull/4996)) | ||
| * Bump org.apache.santuario:xmlsec from 2.3.4 to 2.3.5 ([#5008](https://github.com/opensearch-project/security/pull/5008)) | ||
| * Bump ch.qos.logback:logback-classic from 1.5.15 to 1.5.16 ([#5009](https://github.com/opensearch-project/security/pull/5009)) | ||
| * Update Gradle to 8.12 ([#5018](https://github.com/opensearch-project/security/pull/5018)) | ||
| * Bump commons-codec:commons-codec from 1.17.1 to 1.17.2 ([#5024](https://github.com/opensearch-project/security/pull/5024)) | ||
| * Bump org.scala-lang:scala-library from 2.13.15 to 2.13.16 ([#5026](https://github.com/opensearch-project/security/pull/5026)) | ||
| * Bump Wandalen/wretry.action from 3.7.3 to 3.8.0 ([#5025](https://github.com/opensearch-project/security/pull/5025)) | ||
| * Bumps guava to 33.4.0-jre ([#5041](https://github.com/opensearch-project/security/pull/5041)) | ||
| * Bump io.dropwizard.metrics:metrics-core from 4.2.29 to 4.2.30 ([#5043](https://github.com/opensearch-project/security/pull/5043)) | ||
| * Remove deprecation comment for protected indices settings ([#5059](https://github.com/opensearch-project/security/pull/5059)) | ||
| * Bump org.gradle.test-retry from 1.6.0 to 1.6.1 ([#5060](https://github.com/opensearch-project/security/pull/5060)) |