---
title: "Version 1.3 release notes | Grafana Enterprise Logs documentation"
description: "Release notes for Grafana Enterprise Logs (GEL) version 1.3."
---

# Version 1.3 release notes

The Grafana Enterprise Logs (GEL) team is excited to announce the release of GEL 1.3.

GEL 1.3 is built off of Loki 2.4.2, so it inherits all the features, enhancements, and bug fixes of the upstream project. Refer to the [Loki v2.4 release notes](/docs/loki/latest/release-notes/v2-4/).

## Features and enhancements

- The `/node/api/v1/debug-export` endpoint returns a ZIP file containing the configuration, version information, and process information. Refer to [get debug information](../../reference/gel-node-api#get-debug-information) for details.
- Backend storage for the Admin API adds support for Azure. Refer to [admin\_client\_config](../../config/reference#admin_client_config) for configuration details.

## Bug fixes

### 1.3.1 bug fixes

- \[SECURITY] Fix of enterprise authentication bypass in Grafana Enterprise Logs component “querier”. (CVE-2022-28660)
  
  - When Grafana Enterprise Logs is deployed in microservices mode and enterprise authentication is used (`-auth.type=enterprise`), the querier component is not enforcing authentication and can be queried just specifying the tenant ID in the X-Scope-OrgID header, when its HTTP port is exposed. The HTTP port should not be exposed to external traffic.

### 1.3.0 bug fixes

- Revised the GEL `/config` endpoint to return both GEL and Loki configuration.
- Updated the parsing of the common configuration block’s `s3` values to allow values specified in the URL-style configuration.