chore(deps): update dependency fluentd to v1.15.3 [security] (main) (#10839)

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [fluentd](https://www.fluentd.org/) ([source](https://togithub.com/fluent/fluentd)) | `'1.14.2'` -> `'1.15.3'` | [![age](https://developer.mend.io/api/mc/badges/age/rubygems/fluentd/1.15.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/rubygems/fluentd/1.15.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/rubygems/fluentd/'1.14.2'/1.15.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/rubygems/fluentd/'1.14.2'/1.15.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) |

### GitHub Vulnerability Alerts

#### [CVE-2022-39379](https://togithub.com/fluent/fluentd/security/advisories/GHSA-fppq-mj76-fpj2)

### Impact
A remote code execution (RCE) vulnerability in non-default
configurations of Fluentd allows unauthenticated attackers to execute
arbitrary code via specially crafted JSON payloads.

Fluentd setups are only affected if the environment variable
`FLUENT_OJ_OPTION_MODE` is explicitly set to `object`.

Please note: The option FLUENT_OJ_OPTION_MODE was introduced in Fluentd
version 1.13.2. Earlier versions of Fluentd are not affected by this
vulnerability.

### Patches
v1.15.3

### Workarounds
Do not use `FLUENT_OJ_OPTION_MODE=object`.

### References

* GHSL-2022-067

---

### Release Notes

<details>
<summary>fluent/fluentd (fluentd)</summary>

### [`v1.15.3`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1153---20221102)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.15.2...v1.15.3)

##### Bug Fix

-   Support glob for `!include` directive in YAML config format [fluent/fluentd#3917]
-   Remove meaningless oj options [fluent/fluentd#3929]
-   Fix log initializer to correctly create per-process files on Windows [fluent/fluentd#3939]
-   out_file: Fix the multi-worker check with `<worker 0-N>` directive [fluent/fluentd#3942]

##### Misc

-   Fix broken tests on Ruby 3.2 [fluent/fluentd#3883]

### [`v1.15.2`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1152---20220822)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.15.1...v1.15.2)

##### Enhancement

-   Add a new system configuration `enable_jit` [fluent/fluentd#3857]

##### Bug Fix

-   out_file: Fix append mode with `--daemon` flag [fluent/fluentd#3864]
-   child_process: Plug file descriptor leak [fluent/fluentd#3844]

##### Misc

-   Drop win32-api gem to support Ruby 3.2 [fluent/fluentd#3849]

### [`v1.15.1`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1151---20220727)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.15.0...v1.15.1)

##### Bug Fix

-   Add support for concurrent append in out_file [fluent/fluentd#3808]

##### Misc

-   in_tail: Show more information on skipping update_watcher [fluent/fluentd#3829]

### [`v1.15.0`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1150---20220629)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.14.6...v1.15.0)

##### Enhancement

-   in_tail: Add log throttling in files based on group rules [fluent/fluentd#3535]
-   Add `dump` command to fluent-ctl [fluent/fluentd#3680]
-   Handle YAML configuration format on configuration file [fluent/fluentd#3712]
-   Add `restart_worker_interval` parameter in `<system>` directive to set interval to restart workers that has stopped for some reas[fluent/fluentd#3768]

##### Bug fixes

-   out_forward: Fix to update timeout of cached sockets [fluent/fluentd#3711]
-   in_tail: Fix a possible crash on file rotation when `follow_inodes true` [fluent/fluentd#3754]
-   output: Fix a possible crash of flush thread [fluent/fluentd#3755]
-   in_tail: Fix crash bugs on Ruby 3.1 on Windows [fluent/fluentd#3766]
-   in_tail: Fix a bug that in_tail cannot open non-ascii path on Windows [fluent/fluentd#3774]
-   Fix a bug that fluentd doesn't release its own log file even after rotated by external to[fluent/fluentd#3782]

##### Misc

-   in_tail: Simplify TargetInfo related code [fluent/fluentd#3489]
-   Fix a wrong issue number in CHANGELOG [fluent/fluentd#3700]
-   server helper: Add comments to linger_timeout behavior about Windows [fluent/fluentd#3701]
-   service_discovery: Fix typo [fluent/fluentd#3724]
-   test: Fix unstable tests and warnings [fluent/fluentd#3745]

### [`v1.14.6`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1146---20220331)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.14.5...v1.14.6)

##### Enhancement

-   Enable server plugins to specify socket-option `SO_LINGER` [fluent/fluentd#3644]
-   Add `--umask` command line parameter [fluent/fluentd#3671]

##### Bug fixes

-   Fix metric name typo [fluent/fluentd#3630]
-   Apply modifications in pipeline to the records being passed to `@ERROR` label [fluent/fluentd#3631]
-   Fix wrong calculation of retry interval [fluent/fluentd#3640]
-   Support IPv6 address for `rpc_endpoint` in `system` config [fluent/fluentd#3641]

##### Misc

-   CI: Support Ruby 3.1 except Windows [fluent/fluentd#3619]
-   Switch to GitHub Discussions [fluent/fluentd#3654]
-   Fix CHANGELOG.md heading styles [fluent/fluentd#3648]
-   Declare `null_value_pattern` as `regexp` [fluent/fluentd#3650]

### [`v1.14.5`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1145---20220209)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.14.4...v1.14.5)

##### Enhancement

-   Add support for "application/x-ndjson" to `in_http` [fluent/fluentd#3616]
-   Add support for ucrt binary for Windows [fluent/fluentd#3613]

##### Bug fixes

-   Don't retry when `retry_max_times == 0` [fluent/fluentd#3608]
-   Fix hang-up issue during TLS handshake in `out_forward` [fluent/fluentd#3601]
-   Bump up required ServerEngine to v2.2.5 [fluent/fluentd#3599]
-   Fix "invalid byte sequence is replaced" warning on Kubernetes [fluent/fluentd#3596]
-   Fix "ArgumentError: unknown keyword: :logger" on Windows with Ruby 3.1 [fluent/fluentd#3592]

### [`v1.14.4`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1144---20220106)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.14.3...v1.14.4)

##### Enhancement

-   `in_tail`: Add option to skip long lines (`max_line_size`) [fluent/fluentd#3565]

##### Bug fix

-   Incorrect BufferChunkOverflowError when each event size is < `chunk_limit_size` [fluent/fluentd#3560]
-   On macOS with Ruby 2.7/3.0, `out_file` fails to write events if `append` is true. [fluent/fluentd#3579]
-   test: Fix unstable test cases [fluent/fluentd#3574]

### [`v1.14.3`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1143---20211126)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.14.2...v1.14.3)

##### Enhancement

-   Changed to accept `http_parser.rb` 0.8.0.
    `http_parser.rb` 0.8.0 is ready for Ractor. [fluent/fluentd#3544]

##### Bug fix

-   in_tail: Fixed a bug that no new logs are read when
    `enable_stat_watcher true` and `enable_watch_timer false` is set. [fluent/fluentd#3541]
-   in_tail: Fixed a bug that the beginning and initial lines are lost
    after startup when `read_from_head false` and path includes wildcard '\*'. [fluent/fluentd#3542]
-   Fixed a bug that processing messages were lost when
    BufferChunkOverflowError was thrown even though only a specific
    message size exceeds chunk_limi[fluent/fluentd#3553]

##### Misc

-   Bump up required version of `win32-service` gem.
    Newer version is required to implement additional `fluent-ctl` commands. [fluent/fluentd#3556]

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no
schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/grafana/loki).

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
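
The exposure condition stated in the advisory above, written as a triage check. This is an added example, not code from Renovate, Fluentd or this repository; the names `fluentd_pin` and `triage` and the result symbols are hypothetical, and the affected range is taken from the advisory's "introduced in 1.13.2" and "Patches: v1.15.3".

```ruby
require 'rubygems'

# Range from the advisory text: option introduced in 1.13.2, fixed in 1.15.3.
AFFECTED = Gem::Requirement.new('>= 1.13.2', '< 1.15.3')

# Gemfile content as it stood before this commit (copied from the diff).
SAMPLE_GEMFILE = <<~GEMFILE
  source 'https://rubygems.org'

  gem 'fluentd', '1.14.2'
  gem 'fluent-plugin-multi-format-parser', '~>1.0.0'
GEMFILE

# Return the exact fluentd pin as a Gem::Version, or nil when fluentd is
# missing or constrained by a range operator (resolve those via the lockfile).
def fluentd_pin(gemfile_text)
  gemfile_text.each_line do |line|
    next if line.strip.start_with?('#')
    m = line.match(/^\s*gem\s+['"]fluentd['"]\s*,\s*['"]=?\s*(\d+(?:\.\d+)*)['"]/)
    return Gem::Version.new(m[1]) if m
  end
  nil
end

# Combine the two conditions the advisory names: version in range AND
# FLUENT_OJ_OPTION_MODE explicitly set to "object" in the process environment.
def triage(gemfile_text, env)
  version = fluentd_pin(gemfile_text)
  return :unknown_version if version.nil?

  in_range    = AFFECTED.satisfied_by?(version)
  object_mode = env.fetch('FLUENT_OJ_OPTION_MODE', '').strip == 'object'

  if in_range && object_mode
    :exposed                        # both conditions met: upgrade and unset
  elsif in_range
    :in_range_mode_not_object       # not exploitable as configured; still upgrade
  elsif object_mode
    :mode_set_version_not_affected  # workaround still says: do not use this mode
  else
    :not_affected
  end
end

puts triage(SAMPLE_GEMFILE, ENV.to_h) if $PROGRAM_NAME == __FILE__
```

Pass the environment the Fluentd process actually runs with (container spec, systemd unit, Dockerfile `ENV`), not the shell the check runs in.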
renovate[bot] committed Oct 10, 2023
1 parent 0be1913 commit b2c4511
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion clients/cmd/fluentd/docker/Gemfile
Expand Up @@ -2,5 +2,5 @@

source 'https://rubygems.org'

gem 'fluentd', '1.14.2'
gem 'fluentd', '1.15.3'
gem 'fluent-plugin-multi-format-parser', '~>1.0.0'
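
Review bot: the exact pin on the `gem 'fluentd', '1.15.3'` line moves past eight releases in one step while the commit shows only this Gemfile changing, so nothing in the diff records which transitive versions the image will resolve at build time. Suggest rebuilding the image and confirming that `fluent-plugin-multi-format-parser` at `~>1.0.0` still resolves and loads against 1.15.3 before merging. Separately, the advisory in the commit message applies only where `FLUENT_OJ_OPTION_MODE` is set to `object`; since the old pin 1.14.2 is later than 1.13.2, where that option was introduced, it is worth checking that no Dockerfile or deployment environment for this image sets it, and removing it if one does.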
