Could we possibly stabilize elasticsearch (and logstash and kibana as well)?
Since all are binary versions,I don't think so :(
why is a binary version a show stopper? Just an example: oracle-jre-bin or oracle-jdk-bin have been marked as stable and they are binary as well.
Because they bundle a lot of third party libs for whitch tracking the CVEs is very hard. Don't get me wrong,I'm not against it,just saying what I heard from the security people. Try asking the security/arch team on this matter.