8.15.5 release notes (backport #6223) #6244

Merged
merged 2 commits into from
Nov 26, 2024
1 change: 1 addition & 0 deletions docs/release-notes.asciidoc
Expand Up @@ -5,6 +5,7 @@ This section summarizes the changes in each release.

* <<release-notes-8.16.1, {elastic-sec} version 8.16.1>>
* <<release-notes-8.16.0, {elastic-sec} version 8.16.0>>
* <<release-notes-8.15.5, {elastic-sec} version 8.15.5>>
* <<release-notes-8.15.4, {elastic-sec} version 8.15.4>>
* <<release-notes-8.15.3, {elastic-sec} version 8.15.3>>
* <<release-notes-8.15.2, {elastic-sec} version 8.15.2>>
19 changes: 18 additions & 1 deletion docs/release-notes/8.15.asciidoc
@@ -1,6 +1,22 @@
[[release-notes-header-8.15.0]]
== 8.15

[discrete]
[[release-notes-8.15.5]]
=== 8.15.5

[discrete]
[[bug-fixes-8.15.5]]
==== Bug fixes
* Ensures that only the asset criticality index is refreshed after you bulk upload asset criticality data ({kibana-pull}200897[#200897]).
* Fixes {agent} to {elastic-defend} communication on endpoints using a proxy. With this fix, localhost TCP traffic should skip any proxies.
* Fixes a time skew bug that occurs when Linux virtual machines that are using eBPF event probes are suspended and then resumed.
* Fixes an {elastic-defend} bug where Windows API events might be dropped if they contain Unicode characters that can’t be converted to ANSI.
* Fixes a bug where {elastic-defend} could fail to properly enrich Windows API events for short-lived processes on older operating systems that don’t natively include this telemetry, such as Windows Server 2019. This might result in dropped or unattributed API events.
* Ensures that {elastic-defend} does not emit an empty `memory_region` if it can’t enrich a memory region in an API event. With this fix, {elastic-defend} removes these fields.
* Enhances {elastic-defend} by improving the `call_stack_final_user_module` attribution where potential `proxy_call` modules are encountered during Windows call stack analysis.


[discrete]
[[release-notes-8.15.4]]
=== 8.15.4
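
Review bot: the last bullet under `==== Bug fixes` in the new 8.15.5 section begins "Enhances {elastic-defend} by improving the `call_stack_final_user_module` attribution", which describes an enhancement rather than a fix. Either move it under an enhancements heading for 8.15.5 or reword it as the defect it corrects. In the `memory_region` bullet, "an empty `memory_region`" is singular but the next sentence says "removes these fields", so the two should agree. The eBPF time skew bullet does not say which component is affected, unlike the entries around it, and "localhost TCP traffic should skip any proxies" reads as uncertain for a shipped fix; state the behaviour directly if it is guaranteed. The section also ends with two blank lines before the 8.15.4 block.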
Expand Down Expand Up @@ -147,6 +163,7 @@ On October 17, 2024, this issue was resolved.
* Fixes an {elastic-defend} regression that was introduced in 8.14.0, where security events did not populate the `user.name` field. This fix is for Windows endpoints only.
* Fixes an {elastic-defend} bug where {elastic-endpoint} sometimes missed file and network events on newer kernels that support eBPF. This only occurred if {elastic-endpoint} failed to enable eBPF probes and fell back to Kprobes. This fix is for Linux endpoints only.
* Fixes a bug that caused errors if you used Azure OpenAI connector for streaming ({kibana-pull}191552[#191552]).
* Fixes a bug that caused Elastic AI Assistant's responses to sometimes include tags when using Bedrock Sonnet 3.5.
* Fixes a bug that prevented duplicated prebuilt rules from inheriting **Required fields** and **Related integrations** field values ({kibana-pull}191065[#191065]).
* Turns off the option to assign users to an alert if no assignees exist ({kibana-pull}190937[#190937]).
* Fixes a bug that prevented Timeline template settings from being applied to new Timelines that were generated by a rule ({kibana-pull}190511[#190511]).
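
Review bot: the Elastic AI Assistant bullet in this hunk ("responses to sometimes include tags when using Bedrock Sonnet 3.5") has no `{kibana-pull}` reference, unlike the Kibana entries beside it, and "include tags" does not say what kind of tags appeared in responses. Add the pull request link if one exists and name the tags so readers can recognise the symptom. This hunk sits at line 163 of the new file, well below the 8.15.5 section, so the entry goes into an earlier release's list; the PR is titled as 8.15.5 release notes, so mention this extra change in the description.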
Expand Down Expand Up @@ -221,7 +238,7 @@ On September 5, 2024, this issue was resolved.
A bug prevented third-party response actions with CrowdStrike from working.

*Workaround* +
Upgrade to 8.15.1 or later.
Upgrade to 8.15.1.

====
// end::known-issue-crowdstrike-response-actions[]
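
Review bot: the CrowdStrike workaround line appears twice in this hunk, as "Upgrade to 8.15.1 or later." followed by "Upgrade to 8.15.1.", and the `-221,7 +238,7` header means one replaces the other. If the second is the new text, dropping "or later" narrows the guidance in a file that now documents releases up to 8.15.5, and a reader could take it to mean exactly 8.15.1 is required. Suggest keeping "Upgrade to 8.15.1 or later." This wording change is also unrelated to the 8.15.5 notes and should be called out in the PR description.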