8.15.5 release notes (#6223)

* First draft

* Minor editorial fixes

* Styling fixes

Author: nastasha-solomon

docs/release-notes.asciidoc

@@ -5,6 +5,7 @@ This section summarizes the changes in each release.
 
 * <<release-notes-8.16.1, {elastic-sec} version 8.16.1>>
 * <<release-notes-8.16.0, {elastic-sec} version 8.16.0>>
+* <<release-notes-8.15.5, {elastic-sec} version 8.15.5>>
 * <<release-notes-8.15.4, {elastic-sec} version 8.15.4>>
 * <<release-notes-8.15.3, {elastic-sec} version 8.15.3>>
 * <<release-notes-8.15.2, {elastic-sec} version 8.15.2>>

docs/release-notes/8.15.asciidoc

@@ -1,6 +1,22 @@
 [[release-notes-header-8.15.0]]
 == 8.15
 
+[discrete]
+[[release-notes-8.15.5]]
+=== 8.15.5
+
+[discrete]
+[[bug-fixes-8.15.5]]
+==== Bug fixes
+* Ensures that only the asset criticality index is refreshed after you bulk upload asset criticality data ({kibana-pull}200897[#200897]).
+* Fixes {agent} to {elastic-defend} communication on endpoints using a proxy. With this fix, localhost TCP traffic should skip any proxies.
+* Fixes a time skew bug that occurs when Linux virtual machines that are using eBPF event probes are suspended and then resumed.
+* Fixes an {elastic-defend} bug where Windows API events might be dropped if they contain Unicode characters that can’t be converted to ANSI.
+* Fixes a bug where {elastic-defend} could fail to properly enrich Windows API events for short-lived processes on older operating systems that don’t natively include this telemetry, such as Windows Server 2019. This might result in dropped or unattributed API events.
+* Ensures that {elastic-defend} does not emit an empty `memory_region` if it can’t enrich a memory region in an API event. With this fix, {elastic-defend} removes these fields.
+* Enhances {elastic-defend} by improving the `call_stack_final_user_module` attribution where potential `proxy_call` modules are encountered during Windows call stack analysis.
+
+
 [discrete]
 [[release-notes-8.15.4]]
 === 8.15.4
@@ -200,6 +216,7 @@ On October 17, 2024, this issue was resolved.
 * Fixes an {elastic-defend} regression that was introduced in 8.14.0, where security events did not populate the `user.name` field. This fix is for Windows endpoints only.
 * Fixes an {elastic-defend} bug where {elastic-endpoint} sometimes missed file and network events on newer kernels that support eBPF. This only occurred if {elastic-endpoint} failed to enable eBPF probes and fell back to Kprobes. This fix is for Linux endpoints only.
 * Fixes a bug that caused errors if you used Azure OpenAI connector for streaming ({kibana-pull}191552[#191552]).
+* Fixes a bug that caused Elastic AI Assistant's responses to sometimes include tags when using Bedrock Sonnet 3.5.
 * Fixes a bug that prevented duplicated prebuilt rules from inheriting **Required fields** and **Related integrations** field values ({kibana-pull}191065[#191065]).
 * Turns off the option to assign users to an alert if no assignees exist ({kibana-pull}190937[#190937]).
 * Fixes a bug that prevented Timeline template settings from being applied to new Timelines that were generated by a rule ({kibana-pull}190511[#190511]).
@@ -222,7 +239,6 @@ On October 17, 2024, this issue was resolved.
 *Details* +
 On August 1, 2024, it was discovered that Elastic AI Assistant's responses when using Bedrock Sonnet 3.5 may include `<antThinking>` tags, for example `<search_quality_reflection>` ({kibana-issue}189676[#189676]).
 
-
 ====
 // end::known-issue-189676[]
 
@@ -269,7 +285,7 @@ On September 5, 2024, this issue was resolved.
 A bug prevented third-party response actions with CrowdStrike from working.
 
 *Workaround* +
-Upgrade to 8.15.1 or later.
+Upgrade to 8.15.1.
 
 ====
 // end::known-issue-crowdstrike-response-actions[]