New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependency fluentd to v1.14.2 [security] (release-2.9.x) #10822

Merged

kavirajk merged 1 commit into release-2.9.x from deps-update/release-2.9.x-rubygems-fluentd-vulnerability

Oct 9, 2023

Contributor

renovate bot commented Oct 9, 2023 •

edited

Loading

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
fluentd (source)	`'1.9.0'` -> `'1.14.2'`

GitHub Vulnerability Alerts

CVE-2021-41186

Impact

parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain pattern of string can spend too much time in a regular expression, resulting in the potential for a DoS attack.

Patches

v1.14.2

Workarounds

Either of the following:

Don't use parser_apache2 for parsing logs which cannot guarantee generated by Apache.
Put patched version of parser_apache2.rb into /etc/fluent/plugin directory (or any other directories specified by the environment variable FLUENT_PLUGIN or --plugin option of fluentd).

References

ReDoS vulnerability in parser_apache2

CVE-2021-41186 / GHSA-hwhf-64mh-r662

More information

Details

Impact

parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain pattern of string can spend too much time in a regular expression, resulting in the potential for a DoS attack.

Patches

v1.14.2

Workarounds

Either of the following:

Don't use parser_apache2 for parsing logs which cannot guarantee generated by Apache.
Put patched version of parser_apache2.rb into /etc/fluent/plugin directory (or any other directories specified by the environment variable FLUENT_PLUGIN or --plugin option of fluentd).

References

Severity

CVSS Score: 5.9 / 10 (Medium)
Vector String: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Release Notes

fluent/fluentd (fluentd)

`v1.14.2`

IMPORTANT: This release contain the fix for CVE-2021-41186 -
ReDoS vulnerability in parser_apache2.
This vulnerability is affected from Fluentd v0.14.14 to v1.14.1.
We recommend to upgrade Fluentd to v1.14.2 or use patched version of
parser_apache2 plugin.

Enhancement

fluent-cat: Add --event-time option to send specified event time for testing.
https://github.com/fluent/fluentd/pull/35283528

Bug fix

Fixed to generate correct epoch timestamp even after switching Daylight Saving Time
https://github.com/fluent/fluentd/pull/35243524
Fixed ReDoS vulnerability in parser_apache2.
This vulnerability is caused by a certain pattern of a broken apache log.

`v1.14.1`

Enhancement

in_tail: Added file related metrics.
These metrics should be collected same as fluent-bit's in_tahttps://github.com/fluent/fluentd/pull/3504ull/3504
out_forward: Changed to use metrics mechanism for node statistics
https://github.com/fluent/fluentd/pull/35063506

Bug fix

in_tail: Fixed a crash bug that it raise undefined method of eof? error.
This error may happen only when read_bytes_limit_per_second was specified.
https://github.com/fluent/fluentd/pull/35003500
out_forward: Fixed a bug that node statistics information is not included correctly.
https://github.com/fluent/fluentd/pull/35033https://github.com/fluent/fluentd/pull/3507ull/3507
Fixed a error when using @include directive
It was occurred when http/https scheme URI is used in @include directive with Ruby 3.
https://github.com/fluent/fluentd/pull/35173517
out_copy: Fixed to suppress a wrong warning for ignore_if_prev_success
It didn't work even if a user set https://github.com/fluent/fluentd/pull/3515ull/3515
Fixed not to output nanoseconds field of next retry time in warning log
Then, inappropriate labels in log are also fixed. (retry_time -> retry_times,
next_retry_seconds -> next_retrhttps://github.com/fluent/fluentd/pull/3518td/pull/3518

`v1.14.0`

Enhancement

Added enable_input_metrics, enable_size_metrics system
configuration parameter
This feature might need to pay higher CPU cost, so input event metrics
features are disabled by default. These features are also enabled by
--enable-input-metrics,--enable-size-metrics command line
optihttps://github.com/fluent/fluentd/pull/3440ull/3440
Added reserved word @ROOT for getting root router.
This is incompatible change. Do not use @ROOT for label name.
https://github.com/fluent/fluentd/pull/33583358
in_syslog: Added send_keepalive_packet option
https://github.com/fluent/fluentd/pull/34743474
in_http: Added cors_allow_credentials option.
This option tells browsers whether to expose the response to
frontend when the credentials mode is "inhttps://github.com/fluent/fluentd/pull/3481thttps://github.com/fluent/fluentd/pull/3491luentd/pull/3491

Bug fix

in_tail: Fixed a bug that deleted paths are not removed
from pos file by file compaction at starthttps://github.com/fluent/fluentd/pull/3467ull/3467
in_tail: Revived a warning message of retrying unaccessible file
https://github.com/fluent/fluentd/pull/34783478
TLSServer: Fixed a crash bug on logging peer host name errors
https://github.com/fluent/fluentd/pull/34833483

Misc

Added metrics plugin mechanism
The implementations is changed to use metrics plugin.
In the future, 3rd party plugin will be able to handle these mhttps://github.com/fluent/fluentd/pull/3471thttps://github.com/fluent/fluentd/pull/3473lhttps://github.com/fluent/fluentd/pull/3479nhttps://github.com/fluent/fluentd/pull/3484buffer: Use metrics plugin mechanism on a plugin base class fluent/fluentd#3484

`v1.13.3`

Bug fix

in_tail: Care DeletePending state on Windows
https://github.com/fluent/fluentd/pull/34573https://github.com/fluent/fluentd/pull/3460ull/3460
in_tail: Fix some pos_file bugs.
Avoid deleting pos_file entries unexpectedly when both
pos_file_compaction_interval and follow_inode are enabled.
Use bytesize instead of size for path length.
https://github.com/fluent/fluentd/pull/34593459
in_tail: Fix detecting rotation twice on follow_inode.
https://github.com/fluent/fluentd/pull/34663466

Misc

Remove needless spaces in a sample config file
https://github.com/fluent/fluentd/pull/34563456

`v1.13.2`

Enhancement

fluent-plugin-generate: Storage plugin was supported.
https://github.com/fluent/fluentd/pull/34263426
parser_json: Added support to customize configuration of oj options.
Use FLUENT_OJ_OPTION_BIGDECIMAL_LOAD, FLUENT_OJ_OPTION_MAX_NESTING,
FLUENT_OJ_OPTION_MODE, and FLUENT_OJ_OPTION_USE_TO_JSON environment
variable to configure https://github.com/fluent/fluentd/pull/3315ull/3315

Bug fix

binlog_reader: Fixed a crash bug by missing "fluent/env" dependency.
https://github.com/fluent/fluentd/pull/34433443
Fixed a crash bug on outputting log at the early stage when parsing
config file. This is a regression since v1.13.0. If you use invalid
'@' prefix parameter, remove it as https://github.com/fluent/fluentd/pull/3451/fluentd/pull/3451
in_tail: Fixed a bug that when rotation is occurred, remaining lines
will be discarded if the throttling feature is enablhttps://github.com/fluent/fluentd/pull/3390ull/3390
fluent-plugin-generate: Fixed a crash bug during gemspec generation.
It was unexpectedly introduced by #3305, thus this bug was a
regression since 1.12https://github.com/fluent/fluentd/pull/3444ull/3444

Misc

Fixed the runtime dependency version of http_parse.rb to 0.7.0.
It was fixed because false positive detection is occurred frequently
by security scanninghttps://github.com/fluent/fluentd/pull/3450td/pull/3450

`v1.13.1`

Bug fix

out_forward: Fixed a race condition on handshake
It's caused by using a same unpacker from multiple threahttps://github.com/fluent/fluentd/pull/3405uhttps://github.com/fluent/fluentd/pull/3406td/pull/3406
in_tail: Fixed to remove too much verbose debugging logs
It was unexpectedly introduced by #3185 log throttling feature.
https://github.com/fluent/fluentd/pull/34183418
Fixed not to echo back the provides path as is on a 404 error
There was a potential cross-site scripting vector even though
it is quite difficult to ehttps://github.com/fluent/fluentd/pull/3427td/pull/3427

Misc

Pretty print for Fluent::Config::Section has been supported
for debugghttps://github.com/fluent/fluentd/pull/3398ull/3398
CI: Dropped to run CI for Ruby 2.5
https://github.com/fluent/fluentd/pull/34123412

`v1.13.0`

Enhancement

in_tail: Handle log throttling per file feature
https://github.com/fluent/fluentd/pull/31853https://github.com/fluent/fluentd/pull/3364uhttps://github.com/fluent/fluentd/pull/3379td/pull/3379
Extend to support service discovery manager in simpler way
https://github.com/fluent/fluentd/pull/32993https://github.com/fluent/fluentd/pull/3362ull/3362
in_http: HTTP GET requests has been supported
https://github.com/fluent/fluentd/pull/33733373
The log rotate settings in system configuration has been supported
https://github.com/fluent/fluentd/pull/33523352

Bug fix

Fix to disable trace_instruction when
RubyVM::InstructionSequence is available. It improves
compatibility with truffleruby some extent.
https://github.com/fluent/fluentd/pull/33763376
in_tail: Safely skip files which are used by another process on
Windows. It improves exception handling about
ERROR_SHARING_VIOLATION on Windows.
https://github.com/fluent/fluentd/pull/33783378
fluent-cat: the issue resending secondary file in specific format
has been fihttps://github.com/fluent/fluentd/pull/3368ull/3368
in_tail: Shutdown immediately & safely even if reading huge files
Note that skip_refresh_on_startup must be enabled.
https://github.com/fluent/fluentd/pull/33803380

Misc

example: Change a path to backup_path in counter_server correctly
https://github.com/fluent/fluentd/pull/33593359
README: Update link to community forum to discuss.fluentd.org
https://github.com/fluent/fluentd/pull/33603360

`v1.12.4`

Bug fix

in_tail: Fix a bug that refresh_watcher fails to handle file rotations
https://github.com/fluent/fluentd/pull/33933393

`v1.12.3`

Enhancement

plugin_helper: Allow TLS to use keep-alive socket option
https://github.com/fluent/fluentd/pull/33083308

Bug fix

parser_csv, parser_syslog: Fix a naming conflict on parser_type
https://github.com/fluent/fluentd/pull/33023302
in_tail: Fix incorrect error code & message on Windows
https://github.com/fluent/fluentd/pull/33253https://github.com/fluent/fluentd/pull/3329uhttps://github.com/fluent/fluentd/pull/3331thttps://github.com/fluent/fluentd/pull/3337luentd/pull/3337
in_tail: Fix a crash bug on catching a short-lived log
https://github.com/fluent/fluentd/pull/33283328
storage_local: Fix position file corruption issue on concurrent gracefulReloads
https://github.com/fluent/fluentd/pull/33353335
Fix incorrect warnings about ${chunk_id} with out_s3
https://github.com/fluent/fluentd/pull/33393339
TLS Server: Add peer information to error log message
https://github.com/fluent/fluentd/pull/33303330

Misc

fluent-plugin-generate: add note about plugin name
https://github.com/fluent/fluentd/pull/33033303
fluent-plugin-generate: Use same depended gem version with fluentd
https://github.com/fluent/fluentd/pull/33053305
Fix some broken unit tests and improve CI's stability
https://github.com/fluent/fluentd/pull/33043https://github.com/fluent/fluentd/pull/3307uhttps://github.com/fluent/fluentd/pull/3312thttps://github.com/fluent/fluentd/pull/3313lhttps://github.com/fluent/fluentd/pull/3314nhttps://github.com/fluent/fluentd/pull/3316fhttps://github.com/fluent/fluentd/pull/3336com/Use GitHub Actions' status badges instead of Travis CI's fluent/fluentd#3336
Permit to install with win32-service 2.2.0 on Windows
https://github.com/fluent/fluentd/pull/33433343

`v1.12.2`

Enhancement

out_copy: Add ignore_if_prev_successes
https://github.com/fluent/fluentd/pull/31903https://github.com/fluent/fluentd/pull/3287ull/3287
Support multiple kind of timestamp format
https://github.com/fluent/fluentd/pull/32523252
formatter_ltsv: suppress delimiters in output
https://github.com/fluent/fluentd/pull/16661https://github.com/fluent/fluentd/pull/3288uhttps://github.com/fluent/fluentd/pull/3289td/pull/3289

Bug fix

in_tail: Expect ENOENT during stat
https://github.com/fluent/fluentd/pull/32753275
out_forward: Prevent transferring duplicate logs on restart
https://github.com/fluent/fluentd/pull/32673https://github.com/fluent/fluentd/pull/3285ull/3285
in_tail: Handle to send rotated logs when mv is used for rotating
https://github.com/fluent/fluentd/pull/32943294
fluent-plugin-config-format: Fill an uninitialized instance variable
https://github.com/fluent/fluentd/pull/32973297
Fix MessagePackEventStream issue with Enumerable methods
https://github.com/fluent/fluentd/pull/21162116

Misc

Add webrick to support Ruby 3.0
https://github.com/fluent/fluentd/pull/32573257
Suggest Discource instead of Google Groups
https://github.com/fluent/fluentd/pull/32613261
Update MAINTAINERS.md
https://github.com/fluent/fluentd/pull/32823282
Introduce DeepSource to check code quality
https://github.com/fluent/fluentd/pull/32863https://github.com/fluent/fluentd/pull/3259uhttps://github.com/fluent/fluentd/pull/3291td/pull/3291
Migrate to GitHub Actions and stabilize tests
https://github.com/fluent/fluentd/pull/32663https://github.com/fluent/fluentd/pull/3268uhttps://github.com/fluent/fluentd/pull/3281thttps://github.com/fluent/fluentd/pull/3283lhttps://github.com/fluent/fluentd/pull/3290nt/fluentd/pull/3290

`v1.12.1`

Enhancement

out_http: Add headers_from_placeholders parameter
https://github.com/fluent/fluentd/pull/32413241
fluent-plugin-config-format: Add --table option to use markdown table
https://github.com/fluent/fluentd/pull/32403240
Add --disable-shared-socket/disable_shared_socket to disable ServerEngine's shared socket setup
https://github.com/fluent/fluentd/pull/32503250

Bug fix

ca_generate: Fix creating TLS certification files which include broken extensions
https://github.com/fluent/fluentd/pull/32463246
test: Drop TLS 1.1 tests
https://github.com/fluent/fluentd/pull/32563256
Remove old gem constraints to support Ruby 3

Misc

Use GitHub Actions
https://github.com/fluent/fluentd/pull/32333https://github.com/fluent/fluentd/pull/3255ull/3255

`v1.12.0`

New feature

in_tail: Add follow_inode to support log rotation with wild card
https://github.com/fluent/fluentd/pull/31823182
in_tail: Handle linux capability
https://github.com/fluent/fluentd/pull/31553https://github.com/fluent/fluentd/pull/3162ull/3162
windows: Add win32 events alternative to unix signals
https://github.com/fluent/fluentd/pull/31313131

Enhancement

buffer: Enable metadata comparison optimization on all platforms
https://github.com/fluent/fluentd/pull/30953095
fluent-plugin-config-formatter: Handle service_discovery type
https://github.com/fluent/fluentd/pull/31783178
in_http: Add add_query_params parameter to add query params to event record
https://github.com/fluent/fluentd/pull/31973197
inject: Support unixtime_micros and unixtime_nanos in time_type
https://github.com/fluent/fluentd/pull/32203220
Refactoring code
https://github.com/fluent/fluentd/pull/31673https://github.com/fluent/fluentd/pull/3170uhttps://github.com/fluent/fluentd/pull/3180thttps://github.com/fluent/fluentd/pull/3196lhttps://github.com/fluent/fluentd/pull/3213nhttps://github.com/fluent/fluentd/pull/3222test_parser_syslog: Fix 2020-year failure fluent/fluentd#3222

Bug fix

output: Prevent retry.step from being called too many times in a short time
https://github.com/fluent/fluentd/pull/32033203

`v1.11.5`

Enhancement

formatter: Provide newline parameter to support CRLF
https://github.com/fluent/fluentd/pull/31523152
out_http: adding support for intermediate certificates
https://github.com/fluent/fluentd/pull/31463146
Update serverengine dependency to 2.2.2 or later

Bug fix

Fix a bug that windows service isn't stopped gracefuly
https://github.com/fluent/fluentd/pull/31563156

`v1.11.4`

Enhancement

inject: Support unixtime_millis in time_type parameter
https://github.com/fluent/fluentd/pull/31453145

Bug fix

out_http: Fix broken data with json_array true
https://github.com/fluent/fluentd/pull/31443144
output: Fix wrong logging issue for ${chunk_id}
https://github.com/fluent/fluentd/pull/31343134

`v1.11.3`

Enhancement

in_exec: Add connect_mode parameter to read stderr
https://github.com/fluent/fluentd/pull/31083108
parser_json: Improve the performance
https://github.com/fluent/fluentd/pull/31093109
log: Add ignore_same_log_interval parameter
https://github.com/fluent/fluentd/pull/31193119
Upgrade win32 gems
https://github.com/fluent/fluentd/pull/31003100
Refactoring code
https://github.com/fluent/fluentd/pull/30943https://github.com/fluent/fluentd/pull/3118ull/3118

Bug fix

buffer: Fix calculation of timekey stats
https://github.com/fluent/fluentd/pull/30183018
buffer: fix binmode usage for prevent gc
https://github.com/fluent/fluentd/pull/31383138

`v1.11.2`

Enhancement

in_dummy renamed to in_sample
https://github.com/fluent/fluentd/pull/30653065
Allow regular expression in filter/match directive
https://github.com/fluent/fluentd/pull/30713071
Refactoring code
https://github.com/fluent/fluentd/pull/30513051

Bug fix

buffer: Fix log message for chunk_limit_records case
https://github.com/fluent/fluentd/pull/30793079
buffer: Fix timekey optimization for non-windows platform
https://github.com/fluent/fluentd/pull/30923092
cert: Raise an error for broken certificate file
https://github.com/fluent/fluentd/pull/30863086
cert: Set TLS ciphers list correcty on older OpenSSL
https://github.com/fluent/fluentd/pull/30933093

`v1.11.1`

Enhancement

in_http: Add dump_error_log parameter
https://github.com/fluent/fluentd/pull/30353035
in_http: Improve time field handling
https://github.com/fluent/fluentd/pull/30463046
Refactoring code
https://github.com/fluent/fluentd/pull/30473047

Bug fix

in_tail: Use actual path instead of based pattern for ignore list
https://github.com/fluent/fluentd/pull/30423042
child_process helper: Fix child process failure due to SIGPIPE if the command uses stdout
https://github.com/fluent/fluentd/pull/30443044

`v1.11.0`

New feature

in_unix: Use v1 API
https://github.com/fluent/fluentd/pull/29922992

Enhancement

parser_syslog: Support any time_format for RFC3164 string parser
https://github.com/fluent/fluentd/pull/30143014
parser_syslog: Add new parser for RFC5424
https://github.com/fluent/fluentd/pull/30153015
Refactoring code
https://github.com/fluent/fluentd/pull/30193019

Bug fix

in_gc_stat: Add use_symbol_keys parameter to emit string key record
https://github.com/fluent/fluentd/pull/30083008

`v1.10.4`

Enhancement

out_http: Support single json array payload
https://github.com/fluent/fluentd/pull/29732973
Refactoring
https://github.com/fluent/fluentd/pull/29882988

Bug fix

supervisor: Call File.umask(0) for standalone worker
https://github.com/fluent/fluentd/pull/29872987
out_forward: Fix ZeroDivisionError issue with weight 0
https://github.com/fluent/fluentd/pull/29892989

`v1.10.3`

Enhancement

record_accessor: Add set method
https://github.com/fluent/fluentd/pull/29772977
config: Ruby DSL format is deprecated
https://github.com/fluent/fluentd/pull/29582958
Refactor code
https://github.com/fluent/fluentd/pull/29612https://github.com/fluent/fluentd/pull/2962uhttps://github.com/fluent/fluentd/pull/2965thttps://github.com/fluent/fluentd/pull/2966lhttps://github.com/fluent/fluentd/pull/2978nt/fluentd/pull/2978

Bug fix

out_forward: Disable linger_timeout setting on Windows
https://github.com/fluent/fluentd/pull/29592959
out_forward: Fix warning of service discovery manager when fluentd stops
https://github.com/fluent/fluentd/pull/29742974

`v1.10.2`

Enhancement

out_copy: Add plugin_id to log message
https://github.com/fluent/fluentd/pull/29342934
socket: Allow cert chains in mutual auth
https://github.com/fluent/fluentd/pull/29302930
system: Add ignore_repeated_log_interval parameter
https://github.com/fluent/fluentd/pull/29372937
windows: Allow to launch fluentd from whitespace included path
https://github.com/fluent/fluentd/pull/29202920
Refactor code
https://github.com/fluent/fluentd/pull/29352https://github.com/fluent/fluentd/pull/2936uhttps://github.com/fluent/fluentd/pull/2938thttps://github.com/fluent/fluentd/pull/2939lhttps://github.com/fluent/fluentd/pull/2946nt/fluentd/pull/2946

Bug fix

in_syslog: Fix octet-counting mode bug
https://github.com/fluent/fluentd/pull/29422942
out_forward: Create timer for purging obsolete sockets when keepalive_timeout is not set
https://github.com/fluent/fluentd/pull/29432943
out_forward: Need authentication when sending tcp heartbeat with keepalive
https://github.com/fluent/fluentd/pull/29452945
command: Fix fluent-debug start failure
https://github.com/fluent/fluentd/pull/29482948
command: Fix regression of supervisor's worker and --daemon combo
https://github.com/fluent/fluentd/pull/29502950

`v1.10.1`

Enhancement

command: --daemon and --no-supervisor now work together
https://github.com/fluent/fluentd/pull/29122912
Refactor code
https://github.com/fluent/fluentd/pull/29132913

Bug fix

in_tail: Fix pos_file_compaction_interval parameter type
https://github.com/fluent/fluentd/pull/29212921
in_tail: Fix seek position update after compaction
https://github.com/fluent/fluentd/pull/29222922
parser_syslog: Fix regression in the with_priority and RFC5424 case
https://github.com/fluent/fluentd/pull/29232923

Misc

Add document for security audit
https://github.com/fluent/fluentd/pull/29112911

`v1.10.0`

New feature

sd plugin: Add SRV record plugin
https://github.com/fluent/fluentd/pull/28762876

Enhancement

Bug fix

out_forward: windows: Permit to specify linger_timeout
https://github.com/fluent/fluentd/pull/28682868
parser_syslog: Fix syslog format detection
https://github.com/fluent/fluentd/pull/28792879
buffer: Fix available_buffer_space_ratio calculation
https://github.com/fluent/fluentd/pull/28822882
tls: Support CRLF based X.509 certificates
https://github.com/fluent/fluentd/pull/28902890
msgpack_factory mixin: Fix performance penalty for deprecation log
https://github.com/fluent/fluentd/pull/29032903

`v1.9.3`

Enhancement

in_tail: Emit buffered lines as unmatched_line at shutdown phase when emit_unmatched_lines true
https://github.com/fluent/fluentd/pull/28372837
Specify directory mode explicitly
https://github.com/fluent/fluentd/pull/28272827
server helper: Change SSLError log level to warn in accept
https://github.com/fluent/fluentd/pull/28612861
Refactor code
https://github.com/fluent/fluentd/pull/28292https://github.com/fluent/fluentd/pull/2830uhttps://github.com/fluent/fluentd/pull/2832thttps://github.com/fluent/fluentd/pull/2836lhttps://github.com/fluent/fluentd/pull/2838nhttps://github.com/fluent/fluentd/pull/2842fhttps://github.com/fluent/fluentd/pull/2843com/Flush buffer is invoked in line buffer fluent/fluentd#2843

Bug fix

buffer: Add seq to metadata that it can be unique
https://github.com/fluent/fluentd/pull/28242https://github.com/fluent/fluentd/pull/2853ull/2853
buffer: Use Tempfile as binmode for decompression
https://github.com/fluent/fluentd/pull/28472847

Misc

Add .idea to git ignore file
https://github.com/fluent/fluentd/pull/28342834
appveyor: Fix tests
https://github.com/fluent/fluentd/pull/28532https://github.com/fluent/fluentd/pull/2855ull/2855
Update pem for test
https://github.com/fluent/fluentd/pull/28392839

`v1.9.2`

Enhancement

in_tail: Add pos_file_compaction_interval parameter for auto compaction
https://github.com/fluent/fluentd/pull/28052805
command: Use given encoding when RUBYOPT has -E
https://github.com/fluent/fluentd/pull/28142814

Bug fix

command: Accept RUBYOPT with two or more options
https://github.com/fluent/fluentd/pull/28072807
command: Fix infinite loop bug when RUBYOPT is invalid
https://github.com/fluent/fluentd/pull/28132813
log: serverengine's log should be formatted with the same format of fluentd
https://github.com/fluent/fluentd/pull/28122812
in_http: Fix NoMethodError when OPTIONS request doesn't have 'Origin' header
https://github.com/fluent/fluentd/pull/28232823
parser_syslog: Improved for parsing RFC5424 structured data in parser_syslog
https://github.com/fluent/fluentd/pull/28162816

`v1.9.1`

Enhancement

http_server helper: Support HTTPS
https://github.com/fluent/fluentd/pull/27872787
in_tail: Add path_delimiter to split with any char
https://github.com/fluent/fluentd/pull/27962796
in_tail: Remove an entry from PositionaFile when it is unwatched
https://github.com/fluent/fluentd/pull/28032803
out_http: Add warning for retryable_response_code
https://github.com/fluent/fluentd/pull/28092809
parser_syslog: Add multiline RFC5424 support
https://github.com/fluent/fluentd/pull/27672767
Add TLS module to unify TLS related code
https://github.com/fluent/fluentd/pull/28022802

Bug fix

output: Add EncodingError to unrecoverable errors
https://github.com/fluent/fluentd/pull/28082808
tls: Fix TLS version handling in secure mode
https://github.com/fluent/fluentd/pull/28022802

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.


          chore(deps): update dependency fluentd to v1.14.2 [security]

a1273e1

renovate bot requested a review from a team as a code owner

October 9, 2023 10:52

renovate bot added area/security dependencies labels

pull-request-size bot added the size/XS label

kavirajk approved these changes

View reviewed changes

kavirajk merged commit 0f5cee8 into release-2.9.x

8 checks passed

kavirajk deleted the deps-update/release-2.9.x-rubygems-fluentd-vulnerability branch

October 9, 2023 14:10

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area/security dependencies size/XS