Elasticsearch version 7.17.22

Elasticsearch version 7.17.22

Also see Breaking changes in 7.17.

Breaking changes

Stricter Document Level Security (DLS)

Document Level Security (DLS) applies stricter checks for the validate query API and for terms aggregations when min_doc_count is set to 0.

Details
When Document Level Security (DLS) is applied to terms aggregations and min_doc_count is set to 0, stricter security rules apply. When Document Level Security (DLS) is applied to the validate query API with the rewrite parameter, stricter security rules apply.

Impact
If needed, test workflows with DLS enabled to ensure that the stricter security rules do not impact your application.

Remediation
Set min_doc_count to a value greater than 0 in terms aggregations or use an account not constrained by DLS for the validate query API calls.

Set xpack.security.dls.force_terms_aggs_to_exclude_deleted_docs.enabled to false in the Elasticsearch configuration to revert to the previous behavior.

Set xpack.security.dls.error_when_validate_query_with_rewrite.enabled to false in the Elasticsearch configuration to revert to the previous behavior.

Bug fixes

Infra/CLI

• Workaround G1 bug for JDK 22 and 22.0.1 #108571

Infra/Plugins

• Guard bootstrap plugins loading from detecting plugins cache #109116 (issue: #97702)

Mapping

• Disable index.mapper.dynamic index setting validation #109160

Security

• Block specific config files from being read after startup #107481

Enhancements

Infra/Settings

• Add remove index setting command #109276

Upgrades

Packaging

• Update bundled JDK to Java 22 (again) #108654

Snapshot/Restore

• Align all usages of protobuf to be 3.21.9 #92123

• « Elasticsearch version 7.17.23

• Elasticsearch version 7.17.21 »