From e789e0291b789b8a96015f3e64f605ef5768b715 Mon Sep 17 00:00:00 2001 From: Craig Perkins Date: Tue, 11 Jul 2023 17:30:22 -0400 Subject: [PATCH 1/2] Add release notes for 2.9.0.0 Signed-off-by: Craig Perkins --- ...ensearch-security.release-notes-2.9.0.0.md | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 release-notes/opensearch-security.release-notes-2.9.0.0.md diff --git a/release-notes/opensearch-security.release-notes-2.9.0.0.md b/release-notes/opensearch-security.release-notes-2.9.0.0.md new file mode 100644 index 0000000000..188113413d --- /dev/null +++ b/release-notes/opensearch-security.release-notes-2.9.0.0.md @@ -0,0 +1,31 @@ +## 2023-07-18 Version 2.9.0.0 + +Compatible with OpenSearch 2.9.0 + +### Enhancements + +* Use boucycastle PEM reader instead of reg expression ([#2877](https://github.com/opensearch-project/security/pull/2877)) +* Adding field level security test cases for FlatFields ([#2876](https://github.com/opensearch-project/security/pull/2876)) ([#2893](https://github.com/opensearch-project/security/pull/2893)) +* Add password message to /dashboardsinfo endpoint ([#2949](https://github.com/opensearch-project/security/pull/2949)) ([#2955](https://github.com/opensearch-project/security/pull/2955)) +* Add .plugins-ml-connector to system index ([#2947](https://github.com/opensearch-project/security/pull/2947)) ([#2954](https://github.com/opensearch-project/security/pull/2954)) +* Parallel test jobs for CI ([#2861](https://github.com/opensearch-project/security/pull/2861)) ([#2936](https://github.com/opensearch-project/security/pull/2936)) +* Adds a check to skip serialization-deserialization if request is for same node ([#2765](https://github.com/opensearch-project/security/pull/2765)) ([#2973](https://github.com/opensearch-project/security/pull/2973)) + +### Maintenance + +* Match version of zstd-jni from core ([#2835](https://github.com/opensearch-project/security/pull/2835)) +* Add Andrey Pleskach (Willyborankin) to Maintainers ([#2843](https://github.com/opensearch-project/security/pull/2843)) +* Updates bwc versions to latest release ([#2849](https://github.com/opensearch-project/security/pull/2849)) +* Add search model group permission to ml_read_access role ([#2855](https://github.com/opensearch-project/security/pull/2855)) ([#2858](https://github.com/opensearch-project/security/pull/2858)) +* Format 2.x ([#2878](https://github.com/opensearch-project/security/pull/2878)) +* Update snappy to 1.1.10.1 and guava to 32.0.1-jre ([#2886](https://github.com/opensearch-project/security/pull/2886)) ([#2889](https://github.com/opensearch-project/security/pull/2889)) +* Resolve ImmutableOpenMap issue from core refactor ([#2908](https://github.com/opensearch-project/security/pull/2908)) +* Misc changes ([#2902](https://github.com/opensearch-project/security/pull/2902)) ([#2904](https://github.com/opensearch-project/security/pull/2904)) +* Bump BouncyCastle from jdk15on to jdk15to18 ([#2901](https://github.com/opensearch-project/security/pull/2901)) ([#2917](https://github.com/opensearch-project/security/pull/2917)) +* Fix the import org.opensearch.core.common.Strings; and import org.opensearch.core.common.logging.LoggerMessageFormat; ([#2953](https://github.com/opensearch-project/security/pull/2953)) +* Remove commons-collections 3.2.2 ([#2924](https://github.com/opensearch-project/security/pull/2924)) ([#2957](https://github.com/opensearch-project/security/pull/2957)) +* Resolve CVE-2023-2976 by forcing use of Guava 32.0.1 ([#2937](https://github.com/opensearch-project/security/pull/2937)) ([#2974](https://github.com/opensearch-project/security/pull/2974)) +* Bump jaxb to 2.3.8 ([#2977](https://github.com/opensearch-project/security/pull/2977)) ([#2979](https://github.com/opensearch-project/security/pull/2979)) +* Update Gradle to 8.2.1 ([#2978](https://github.com/opensearch-project/security/pull/2978)) ([#2981](https://github.com/opensearch-project/security/pull/2981)) +* Changed maven repo location for compatibility check ([#2988](https://github.com/opensearch-project/security/pull/2988)) +* Bump guava to 32.1.1-jre ([#2976](https://github.com/opensearch-project/security/pull/2976)) ([#2990](https://github.com/opensearch-project/security/pull/2990)) From d69658f2e8bea88b94d564809849499a6c7a369a Mon Sep 17 00:00:00 2001 From: Craig Perkins Date: Wed, 12 Jul 2023 14:08:59 -0400 Subject: [PATCH 2/2] Add new item to release notes Signed-off-by: Craig Perkins --- release-notes/opensearch-security.release-notes-2.9.0.0.md | 1 + 1 file changed, 1 insertion(+) diff --git a/release-notes/opensearch-security.release-notes-2.9.0.0.md b/release-notes/opensearch-security.release-notes-2.9.0.0.md index 188113413d..281fa1b488 100644 --- a/release-notes/opensearch-security.release-notes-2.9.0.0.md +++ b/release-notes/opensearch-security.release-notes-2.9.0.0.md @@ -10,6 +10,7 @@ Compatible with OpenSearch 2.9.0 * Add .plugins-ml-connector to system index ([#2947](https://github.com/opensearch-project/security/pull/2947)) ([#2954](https://github.com/opensearch-project/security/pull/2954)) * Parallel test jobs for CI ([#2861](https://github.com/opensearch-project/security/pull/2861)) ([#2936](https://github.com/opensearch-project/security/pull/2936)) * Adds a check to skip serialization-deserialization if request is for same node ([#2765](https://github.com/opensearch-project/security/pull/2765)) ([#2973](https://github.com/opensearch-project/security/pull/2973)) +* Add workflow cluster permissions to alerting roles and add .plugins-ml-config in the system index ([#2996](https://github.com/opensearch-project/security/pull/2996)) ### Maintenance