From 2241b1e999289f0f32e03113d1e1de89c7e4e995 Mon Sep 17 00:00:00 2001 From: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> Date: Mon, 11 Nov 2024 22:28:20 -0500 Subject: [PATCH] 8.15.4 Release notes (#6062) * First draft * Adds endpoint PRs * DE PR * Update docs/release-notes/8.15.asciidoc Co-authored-by: Gabriel Landau <42078554+gabriellandau@users.noreply.github.com> * Moves 195167 to 8.15.4 * Update docs/release-notes/8.15.asciidoc * Update docs/release-notes/8.15.asciidoc Co-authored-by: Benjamin Ironside Goldstein <91905639+benironside@users.noreply.github.com> * Update docs/release-notes/8.15.asciidoc Co-authored-by: Benjamin Ironside Goldstein <91905639+benironside@users.noreply.github.com> * Update docs/release-notes/8.15.asciidoc Co-authored-by: Benjamin Ironside Goldstein <91905639+benironside@users.noreply.github.com> * Update docs/release-notes/8.15.asciidoc Co-authored-by: Benjamin Ironside Goldstein <91905639+benironside@users.noreply.github.com> --------- Co-authored-by: Gabriel Landau <42078554+gabriellandau@users.noreply.github.com> Co-authored-by: Benjamin Ironside Goldstein <91905639+benironside@users.noreply.github.com> (cherry picked from commit e1d7a6f5a7eb182f783944052ff3b399af40235b) --- docs/release-notes.asciidoc | 1 + docs/release-notes/8.15.asciidoc | 38 +++++++++++++++++++++++++++++++- 2 files changed, 38 insertions(+), 1 deletion(-) diff --git a/docs/release-notes.asciidoc b/docs/release-notes.asciidoc index 7a6c8db425..9d05852221 100644 --- a/docs/release-notes.asciidoc +++ b/docs/release-notes.asciidoc @@ -3,6 +3,7 @@ This section summarizes the changes in each release. +* <> * <> * <> * <> diff --git a/docs/release-notes/8.15.asciidoc b/docs/release-notes/8.15.asciidoc index c77343f346..4bfb2a52df 100644 --- a/docs/release-notes/8.15.asciidoc +++ b/docs/release-notes/8.15.asciidoc @@ -1,6 +1,43 @@ [[release-notes-header-8.15.0]] == 8.15 +[discrete] +[[release-notes-8.15.4]] +=== 8.15.4 + +[discrete] +[[known-issue-8.15.4]] +==== Known issues + +// tag::known-issue-189676[] +[discrete] +.Tags appear in Elastic AI Assistant's responses +[%collapsible] +==== +*Details* + +On August 1, 2024, it was discovered that Elastic AI Assistant's responses when using Bedrock Sonnet 3.5 may include `` tags, for example `` ({kibana-issue}189676[#189676]). + +==== +// end::known-issue-189676[] + +[discrete] +[[enhancements-8.15.4]] +==== Enhancements +* Enhances {elastic-defend} by improving the `call_stack_final_user_module` attribution where potential `proxy_call` modules are encountered during Windows call stack analysis. + +[discrete] +[[bug-fixes-8.15.4]] +==== Bug fixes +* Fixes a conflict that could result in a Windows boot failure `0xC000007B` for `ElasticElam.sys` when {elastic-defend} 8.15.2 or 8.15.3 was installed alongside CrowdStrike. +* Fixes a bug that caused an Elastic AI Assistant error if you had over 20 conversations and tried to access or update any of them ({kibana-pull}197305[#197305]). +* Makes Automatic Import more forgiving if LLMs return ECS mappings in unexpected formats ({kibana-pull}195167[#195167]). +* Fixes a bug that caused fields from all indices to display when adding a filter to a rule that you were editing. Now, only fields from the rule's specified indices appear ({kibana-pull}194678[#194678], {kibana-pull}181643[#181643]). +* Improves {elastic-defend} by making the `elastic-endpoint status` command more reliable. Before this fix, the command occasionally failed with an I/O error. +* Fixes an {elastic-defend} process crash that could occur if it was configured to use the Kafka output. +* Fixes a bug where {elastic-defend} could fail to properly enrich Windows API events for short-lived processes on older operating systems that didn't natively include this telemetry, such as Windows Server 2019. This could result in dropped or unattributed API events. +* Ensures that {elastic-defend} does not emit an empty `memory_region` if it can't enrich a memory region in an API event. After this fix, {elastic-defend} removes these fields. +* Fixes an {elastic-defend} bug where Windows API events could be dropped if they contained Unicode characters that couldn't be converted to ANSI. + [discrete] [[release-notes-8.15.3]] === 8.15.3 @@ -26,7 +63,6 @@ On August 1, 2024, it was discovered that Elastic AI Assistant's responses when * Fixes a bug that could cause {elastic-defend} to crash on Linux when scanning paths (or paths with children) which include virtual file systems, such as procfs. * Fixes a bug that made alerts wrongfully inherit previously-selected tags ({kibana-pull}194428[#194428]). * Prevents Automatic Import from requesting that LLMs map to reserved ECS fields ({kibana-pull}195168[#195168]). -* Makes Automatic Import more forgiving if LLMs return ECS mappings in unexpected formats ({kibana-pull}195167[#195167]). * Fixes an Automatic Import bug that prevented non-ECS compatible fields from resolving in structured and unstructured system logs ({kibana-pull}194727[#194727]). * Fixes an Automatic Import bug that occurred when uploading a new version of an existing integration ({kibana-pull}194298[#194298]). * Fixes an Automatic Import bug that caused integration deployments to fail after you edited the ingest pipeline ({kibana-pull}194203[#194203]).