[Known issue][Detection Engine] Exception item comment validation on newline chars #6275
Comments
yctercero
added
documentation
nastasha-solomon
added
release-notes
sdh-linked
|
This was added to the Serverless release notes via elastic/docs-content#235. |
|
Bug doc'd in the known issue sections for 8.16.0 and 8.16.1: |
|
What about for 8.17.1? https://www.elastic.co/guide/en/security/8.17/release-notes-header-8.17.0.html#release-notes-8.17.1 I don't see it here. |
|
@nicpenning Please find the backport to 8.17 here - elastic/kibana#203708 |
|
@dhurley14 could you confirm if it got into 8.17 or 8.17.1? |
|
The known issue exists is 8.17, but is not shown as known issue in 8.17.1 which I believe is correct, however, there is no mention of the fix in 8.17.1. |
|
The fix was skipped for 8.17.0 and added 8.17.1. |
|
Kibana machine added the 8.17.0 label, even though my PR I manually added 8.17.1 as that was the target release. We wanted to skip 8.17.0 since it was a day or two before the final BC. |
|
Thanks, all. I'll open a PR today to update the 8.17.1 release notes. |
|
8.17.0 and 8.17.1 release notes are updated: https://www.elastic.co/guide/en/security/8.17/release-notes-header-8.17.0.html |
Summary
I wasn't sure if this required a docs issue as it would get picked up by release notes, but will create just in case.
Issue: elastic/kibana#201820
PR: elastic/kibana#202063
Workaround: elastic/kibana#201820 (comment)
Fix slated for 8.16.2
Bug Summary
After upgrading a deployment from any version below 8.16.0 to 8.16+, any rule exceptions with comments containing newline char \n will throw a 500 in the exception items _find api, like when trying to view the exceptions in the rule details page.
The text was updated successfully, but these errors were encountered: