diff --git a/release-notes/elastic-security/index.md b/release-notes/elastic-security/index.md index 688333e795..165100c77f 100644 --- a/release-notes/elastic-security/index.md +++ b/release-notes/elastic-security/index.md @@ -27,6 +27,30 @@ To check for security updates, go to [Security announcements for the Elastic sta % * +## 9.1.5 [elastic-security-9.1.5-release-notes] + +### Features and enhancements [elastic-security-9.1.5-features-enhancements] +* Adds `customized_fields` and `has_base_version` fields to the internal rule schema [#235394]({{kib-pull}}235394). +* Adds an {{elastic-defend}} option to remediate orphaned state by attempting to start Elastic Agent service. +* Increases the throughput of {{elastic-defend}} Logstash connections by increasing the maximum size it can upload at once. +* Improves reliability and accuracy of reporting of the {{elastic-defend}}'s {{es}} connection. + +### Fixes [elastic-security-9.1.5-fixes] +* Fixes browser fields caching to use the `dataView` ID instead of the index pattern [#234381]({{kib-pull}}234381). +* Removes `null` in confirmation dialog when bulk editing index patterns for rules [#236572]({{kib-pull}}236572). +* Fixes the URL passed to detection rule actions via the `{{context.results_link}}` placeholder [#236067]({{kib-pull}}236067). +* Fixes system prompt updates from the Conversations tab in AI Assistant [#234812]({{kib-pull}}234812). +* Fixes an issue in the Highlighted fields table in the alert details flyout [#234222]({{kib-pull}}234222). +* Fixes an issue in rule exceptions to include the `matches` operator only for supported fields [#233127]({{kib-pull}}233127). +* Adds support in {{elastic-defend}} for installing eBPF event probes on Linux endpoints when cgroup2 is mounted in a non-standard location or not mounted at all. +* Adds support in {{elastic-defend}} for installing eBPF probes on Linux endpoints when taskstats is compiled out of the kernel. +* Fixes an issue in {{elastic-defend}} where Linux network events could have source and destination bytes swapped. +* Removes `.process.thread.capabilities.permitted` and `.process.thread.capabilities.effective` from Linux network events in {{elastic-defend}}. +* Fixes an issue in {{elastic-defend}} where host isolation could auto-release incorrectly. Host isolation now only releases when {{elastic-endpoint}} becomes orphaned. Intermittent {{elastic-agent}} connectivity changes no longer alter the host isolation state. +* Fixes an issue where {{elastic-defend}} would incorrectly calculate throughput capacity when sending documents to output. This may have limited event throughput on extremely busy endpoints. +* Fixes an issue in {{elastic-defend}} installation logging where only the first character of install paths (usually 'C') would be logged. + + ## 9.1.4 [elastic-security-9.1.4-release-notes] ### Features and enhancements [elastic-security-9.1.4-features-enhancements] diff --git a/release-notes/elastic-security/known-issues.md b/release-notes/elastic-security/known-issues.md index 263b488168..cb1a12887f 100644 --- a/release-notes/elastic-security/known-issues.md +++ b/release-notes/elastic-security/known-issues.md @@ -17,7 +17,7 @@ Known issues are significant defects or limitations that may impact your impleme % ::: -:::{dropdown} Filters may not apply correctly on the Alerts page +::::{dropdown} Filters may not apply correctly on the Alerts page Applies to: 9.1.0, 9.1.1, 9.1.2, and 9.1.3 **Impact** @@ -36,7 +36,11 @@ You can turn off the {{kib}} `courier:ignoreFilterIfFieldNotInIndex` [advanced s Ensure you give any users who will need access to the new space the appropriate permissions. ::: -::: +**Resolved**
+ +Resolved in {{stack}} 9.1.4 + +:::: :::{dropdown} The {{elastic-agent}} Docker image is not available at `docker.elastic.co/beats/elastic-agent:9.0.0`