> ## Documentation Index
> Fetch the complete documentation index at: https://doc.lucidworks.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Fusion 5.9.2

[localhost link]: http://localhost:3000/docs/5/fusion/release-notes/5.9.2-release-notes

[mintlify link]: https://doc.lucidworks.com/docs/5/fusion/release-notes/5.9.2-release-notes

[old doc.lw link]: https://doc.lucidworks.com/fusion/5.9/39hg5n

Released on December 13, 2023, this [maintenance release](/docs/policies/lifecycle-policies/lw-version-support-lifecycle#maintenance-release-support-policy) includes an update to Kubernetes 1.27 and improvements to query service replica scaling and the Web V1 (classic) connector library.

To learn more, skip to the [release notes](#improvements).

<Danger>
  **Security patch available for api-gateway: Netty request smuggling vulnerabilities**

  A patch is available for the `api-gateway` service to address critical Netty request smuggling vulnerabilities (CVE-2026-42581, CVE-2026-42585, CVE-2026-42587). These vulnerabilities allow attackers to smuggle HTTP requests through the gateway, potentially bypassing security controls.

  <Accordion title="Instructions for applying the patch">
    The `api-gateway` service requires the Netty security patch.

    Follow these steps to apply the patched image:

    1. Open your Fusion Helm values file.

    2. Add or update the `api-gateway` image configuration:

       ```yaml theme={"dark"}
       api-gateway:
         image:
           repository: lucidworks
           name: api-gateway
           tag: 5.9.9-SUST-1634-patch
           imagePullPolicy: IfNotPresent
       ```

    3. Save the values file.

    4. For Fusion Cloud Native deployments, run the `upgrade_fusion.sh` script you used for your current deployment. For Helm deployments, run:

       ```bash theme={"dark"}
       helm upgrade --namespace NAMESPACE RELEASE_NAME PATH_TO_VALUES
       ```

       Replace `NAMESPACE` with your Kubernetes namespace, `RELEASE_NAME` with your Helm release name, and `PATH_TO_VALUES` with the path to your updated values file.

    5. Wait for the `api-gateway` pods to restart and verify they are using the patched image.
  </Accordion>
</Danger>

## Platform Support and Component Versions

### Kubernetes platform support

Lucidworks has tested and validated support for the following Kubernetes platforms and versions:

* **Google Kubernetes Engine (GKE):** 1.27
* **Microsoft Azure Kubernetes Service (AKS):** 1.27
* **Amazon Elastic Kubernetes Service (EKS):** 1.27

Support is also offered for Rancher Kubernetes Engine (RKE) and OpenShift 4 versions that are based on Kubernetes 1.27. OpenStack and customized Kubernetes installations are *not* supported.

For more information on Kubernetes version support, see the [Kubernetes support policy](/docs/policies/lifecycle-policies/lw-version-support-lifecycle#kubernetes-support).

<a name="rel-notes" />

### Component versions

The following table details the versions of key components that may be critical to deployments and upgrades.

| Component               | Version                                                                 |
| ----------------------- | ----------------------------------------------------------------------- |
| **Solr**                | fusion-solr 5.9.1  *(based on Solr 9.1.1)*                              |
| **ZooKeeper**           | 3.7.1                                                                   |
| **Spark**               | 3.2.2                                                                   |
| **Ingress Controllers** | Nginx, Ambassador (Envoy), GKE Ingress Controller  Istio not supported. |

More information about support dates can be found at [Lucidworks Fusion Product Lifecycle](/docs/policies/lifecycle-policies/lw-version-support-lifecycle).

<Tip>
  **Looking to upgrade?**

  See [Fusion 5 Upgrades](/docs/5/fusion/operations/fusion-5-upgrades) for detailed instructions.
</Tip>

## Improvements

* Fusion now supports Kubernetes 1.27. This applies to GKE, AKS, and EKS. It also applies to Rancher (RKE) and OpenShift 4 versions that are compatible with Kubernetes 1.27. Refer to Kubernetes documentation for version [1.27](https://kubernetes.io/blog/2023/03/17/upcoming-changes-in-kubernetes-v1-27/).

* Query service replica scaling has been improved.

## Fusion Connectors

* Updated the Web V1 (classic) connector library to resolve issues for certain JavaScript-enabled web pages. While Fusion was not vulnerable to the Common Vulnerabilities and Exposures (CVE) 2023-4863, the connector updates allowed Lucidworks to also acknowledge and resolve that publicly-reported CVE.

## Bug Fixes

* The connectors-backend service no longer fails to start when deploying to OpenShift 4.12.

* Fixed an issue where the Transport Layer Security (TLS) for Fusion Microservices could not be enabled and used.

## Known issues

* New Kerberos security realms cannot be configured successfully in this version of Fusion.
