Skip to content

Commit

Permalink
chore(deps): update dependency fluentd to v1.15.3 [security] (main) (#…
Browse files Browse the repository at this point in the history
…10839)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [fluentd](https://www.fluentd.org/)
([source](https://github.com/fluent/fluentd)) | `'1.14.2'` ->
`'1.15.3'` |
[![age](https://developer.mend.io/api/mc/badges/age/rubygems/fluentd/1.15.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/rubygems/fluentd/1.15.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/rubygems/fluentd/'1.14.2'/1.15.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/rubygems/fluentd/'1.14.2'/1.15.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

### GitHub Vulnerability Alerts

####
[CVE-2022-39379](https://github.com/fluent/fluentd/security/advisories/GHSA-fppq-mj76-fpj2)

### Impact
A remote code execution (RCE) vulnerability in non-default
configurations of Fluentd allows unauthenticated attackers to execute
arbitrary code via specially crafted JSON payloads.

Fluentd setups are only affected if the environment variable
`FLUENT_OJ_OPTION_MODE` is explicitly set to `object`.

Please note: The option FLUENT_OJ_OPTION_MODE was introduced in Fluentd
version 1.13.2. Earlier versions of Fluentd are not affected by this
vulnerability.

### Patches
v1.15.3

### Workarounds
Do not use `FLUENT_OJ_OPTION_MODE=object`.

### References

* GHSL-2022-067

---

### Release Notes

<details>
<summary>fluent/fluentd (fluentd)</summary>

###
[`v1.15.3`](https://github.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1153---20221102)

[Compare
Source](https://github.com/fluent/fluentd/compare/v1.15.2...v1.15.3)

##### Bug Fix

-   Support glob for `!include` directive in YAML config format

[https://github.com/fluent/fluentd/pull/3917](https://github.com/fluent/fluentd/pull/3917)3917
-   Remove meaningless oj options

[https://github.com/fluent/fluentd/pull/3929](https://github.com/fluent/fluentd/pull/3929)3929
-   Fix log initializer to correctly create per-process files on Windows

[https://github.com/fluent/fluentd/pull/3939](https://github.com/fluent/fluentd/pull/3939)3939
-   out_file: Fix the multi-worker check with `<worker 0-N>` directive

[https://github.com/fluent/fluentd/pull/3942](https://github.com/fluent/fluentd/pull/3942)3942

##### Misc

-   Fix broken tests on Ruby 3.2

[https://github.com/fluent/fluentd/pull/3883](https://github.com/fluent/fluentd/pull/3883)3[https://github.com/fluent/fluentd/pull/3922](https://github.com/fluent/fluentd/pull/3922)ull/3922

###
[`v1.15.2`](https://github.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1152---20220822)

[Compare
Source](https://github.com/fluent/fluentd/compare/v1.15.1...v1.15.2)

##### Enhancement

-   Add a new system configuration `enable_jit`

[https://github.com/fluent/fluentd/pull/3857](https://github.com/fluent/fluentd/pull/3857)3857

##### Bug Fix

-   out_file: Fix append mode with `--daemon` flag

[https://github.com/fluent/fluentd/pull/3864](https://github.com/fluent/fluentd/pull/3864)3864
-   child_process: Plug file descriptor leak

[https://github.com/fluent/fluentd/pull/3844](https://github.com/fluent/fluentd/pull/3844)3844

##### Misc

-   Drop win32-api gem to support Ruby 3.2

[https://github.com/fluent/fluentd/pull/3849](https://github.com/fluent/fluentd/pull/3849)3[https://github.com/fluent/fluentd/pull/3866](https://github.com/fluent/fluentd/pull/3866)ull/3866

###
[`v1.15.1`](https://github.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1151---20220727)

[Compare
Source](https://github.com/fluent/fluentd/compare/v1.15.0...v1.15.1)

##### Bug Fix

-   Add support for concurrent append in out_file

[https://github.com/fluent/fluentd/pull/3808](https://github.com/fluent/fluentd/pull/3808)3808

##### Misc

-   in_tail: Show more information on skipping update_watcher

[https://github.com/fluent/fluentd/pull/3829](https://github.com/fluent/fluentd/pull/3829)3829

###
[`v1.15.0`](https://github.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1150---20220629)

[Compare
Source](https://github.com/fluent/fluentd/compare/v1.14.6...v1.15.0)

##### Enhancement

-   in_tail: Add log throttling in files based on group rules

[https://github.com/fluent/fluentd/pull/3535](https://github.com/fluent/fluentd/pull/3535)3[https://github.com/fluent/fluentd/pull/3771](https://github.com/fluent/fluentd/pull/3771)ull/3771
-   Add `dump` command to fluent-ctl

[https://github.com/fluent/fluentd/pull/3680](https://github.com/fluent/fluentd/pull/3680)3680
-   Handle YAML configuration format on configuration file

[https://github.com/fluent/fluentd/pull/3712](https://github.com/fluent/fluentd/pull/3712)3712
- Add `restart_worker_interval` parameter in `<system>` directive to set
interval to restart workers that has stopped for some
reas[https://github.com/fluent/fluentd/pull/3768](https://github.com/fluent/fluentd/pull/3768)ull/3768

##### Bug fixes

-   out_forward: Fix to update timeout of cached sockets

[https://github.com/fluent/fluentd/pull/3711](https://github.com/fluent/fluentd/pull/3711)3711
- in_tail: Fix a possible crash on file rotation when `follow_inodes
true`

[https://github.com/fluent/fluentd/pull/3754](https://github.com/fluent/fluentd/pull/3754)3754
-   output: Fix a possible crash of flush thread

[https://github.com/fluent/fluentd/pull/3755](https://github.com/fluent/fluentd/pull/3755)3755
-   in_tail: Fix crash bugs on Ruby 3.1 on Windows

[https://github.com/fluent/fluentd/pull/3766](https://github.com/fluent/fluentd/pull/3766)3766
- in_tail: Fix a bug that in_tail cannot open non-ascii path on Windows

[https://github.com/fluent/fluentd/pull/3774](https://github.com/fluent/fluentd/pull/3774)3774
- Fix a bug that fluentd doesn't release its own log file even after
rotated by
external
to[https://github.com/fluent/fluentd/pull/3782](https://github.com/fluent/fluentd/pull/3782)ull/3782

##### Misc

-   in_tail: Simplify TargetInfo related code

[https://github.com/fluent/fluentd/pull/3489](https://github.com/fluent/fluentd/pull/3489)3489
-   Fix a wrong issue number in CHANGELOG

[https://github.com/fluent/fluentd/pull/3700](https://github.com/fluent/fluentd/pull/3700)3700
-   server helper: Add comments to linger_timeout behavior about Windows

[https://github.com/fluent/fluentd/pull/3701](https://github.com/fluent/fluentd/pull/3701)3701
-   service_discovery: Fix typo

[https://github.com/fluent/fluentd/pull/3724](https://github.com/fluent/fluentd/pull/3724)3724
-   test: Fix unstable tests and warnings

[https://github.com/fluent/fluentd/pull/3745](https://github.com/fluent/fluentd/pull/3745)3[https://github.com/fluent/fluentd/pull/3753](https://github.com/fluent/fluentd/pull/3753)u[https://github.com/fluent/fluentd/pull/3767](https://github.com/fluent/fluentd/pull/3767)t[https://github.com/fluent/fluentd/pull/3783](https://github.com/fluent/fluentd/pull/3783)l[https://github.com/fluent/fluentd/pull/3784](https://github.com/fluent/fluentd/pull/3784)n[https://github.com/fluent/fluentd/pull/3785](https://github.com/fluent/fluentd/pull/3785)f[https://github.com/fluent/fluentd/pull/3787](https://github.com/fluent/fluentd/pull/3787)com/fluent/fluentd/pull/3787

###
[`v1.14.6`](https://github.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1146---20220331)

[Compare
Source](https://github.com/fluent/fluentd/compare/v1.14.5...v1.14.6)

##### Enhancement

-   Enable server plugins to specify socket-option `SO_LINGER`

[https://github.com/fluent/fluentd/pull/3644](https://github.com/fluent/fluentd/pull/3644)3644
-   Add `--umask` command line parameter

[https://github.com/fluent/fluentd/pull/3671](https://github.com/fluent/fluentd/pull/3671)3[https://github.com/fluent/fluentd/pull/3679](https://github.com/fluent/fluentd/pull/3679)ull/3679

##### Bug fixes

-   Fix metric name typo

[https://github.com/fluent/fluentd/pull/3630](https://github.com/fluent/fluentd/pull/3630)3[https://github.com/fluent/fluentd/pull/3673](https://github.com/fluent/fluentd/pull/3673)ull/3673
- Apply modifications in pipeline to the records being passed to
`@ERROR` label

[https://github.com/fluent/fluentd/pull/3631](https://github.com/fluent/fluentd/pull/3631)3631
-   Fix wrong calculation of retry interval

[https://github.com/fluent/fluentd/pull/3640](https://github.com/fluent/fluentd/pull/3640)3[https://github.com/fluent/fluentd/pull/3649](https://github.com/fluent/fluentd/pull/3649)u[https://github.com/fluent/fluentd/pull/3685](https://github.com/fluent/fluentd/pull/3685)t[https://github.com/fluent/fluentd/pull/3686](https://github.com/fluent/fluentd/pull/3686)luentd/pull/3686
-   Support IPv6 address for `rpc_endpoint` in `system` config

[https://github.com/fluent/fluentd/pull/3641](https://github.com/fluent/fluentd/pull/3641)3641

##### Misc

-   CI: Support Ruby 3.1 except Windows

[https://github.com/fluent/fluentd/pull/3619](https://github.com/fluent/fluentd/pull/3619)3619
-   Switch to GitHub Discussions

[https://github.com/fluent/fluentd/pull/3654](https://github.com/fluent/fluentd/pull/3654)3654
-   Fix CHANGELOG.md heading styles

[https://github.com/fluent/fluentd/pull/3648](https://github.com/fluent/fluentd/pull/3648)3648
-   Declare `null_value_pattern` as `regexp`

[https://github.com/fluent/fluentd/pull/3650](https://github.com/fluent/fluentd/pull/3650)3650

###
[`v1.14.5`](https://github.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1145---20220209)

[Compare
Source](https://github.com/fluent/fluentd/compare/v1.14.4...v1.14.5)

##### Enhancement

-   Add support for "application/x-ndjson" to `in_http`

[https://github.com/fluent/fluentd/pull/3616](https://github.com/fluent/fluentd/pull/3616)3616
-   Add support for ucrt binary for Windows

[https://github.com/fluent/fluentd/pull/3613](https://github.com/fluent/fluentd/pull/3613)3613

##### Bug fixes

-   Don't retry when `retry_max_times == 0`

[https://github.com/fluent/fluentd/pull/3608](https://github.com/fluent/fluentd/pull/3608)3608
-   Fix hang-up issue during TLS handshake in `out_forward`

[https://github.com/fluent/fluentd/pull/3601](https://github.com/fluent/fluentd/pull/3601)3601
-   Bump up required ServerEngine to v2.2.5

[https://github.com/fluent/fluentd/pull/3599](https://github.com/fluent/fluentd/pull/3599)3599
-   Fix "invalid byte sequence is replaced" warning on Kubernetes

[https://github.com/fluent/fluentd/pull/3596](https://github.com/fluent/fluentd/pull/3596)3596
- Fix "ArgumentError: unknown keyword: :logger" on Windows with Ruby 3.1

[https://github.com/fluent/fluentd/pull/3592](https://github.com/fluent/fluentd/pull/3592)3592

###
[`v1.14.4`](https://github.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1144---20220106)

[Compare
Source](https://github.com/fluent/fluentd/compare/v1.14.3...v1.14.4)

##### Enhancement

-   `in_tail`: Add option to skip long lines (`max_line_size`)

[https://github.com/fluent/fluentd/pull/3565](https://github.com/fluent/fluentd/pull/3565)3565

##### Bug fix

- Incorrect BufferChunkOverflowError when each event size is <
`chunk_limit_size`

[https://github.com/fluent/fluentd/pull/3560](https://github.com/fluent/fluentd/pull/3560)3560
- On macOS with Ruby 2.7/3.0, `out_file` fails to write events if
`append` is true.

[https://github.com/fluent/fluentd/pull/3579](https://github.com/fluent/fluentd/pull/3579)3579
-   test: Fix unstable test cases

[https://github.com/fluent/fluentd/pull/3574](https://github.com/fluent/fluentd/pull/3574)3[https://github.com/fluent/fluentd/pull/3577](https://github.com/fluent/fluentd/pull/3577)ull/3577

###
[`v1.14.3`](https://github.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1143---20211126)

[Compare
Source](https://github.com/fluent/fluentd/compare/v1.14.2...v1.14.3)

##### Enhancement

-   Changed to accept `http_parser.rb` 0.8.0.
    `http_parser.rb` 0.8.0 is ready for Ractor.

[https://github.com/fluent/fluentd/pull/3544](https://github.com/fluent/fluentd/pull/3544)3544

##### Bug fix

-   in_tail: Fixed a bug that no new logs are read when
    `enable_stat_watcher true` and `enable_watch_timer false` is set.

[https://github.com/fluent/fluentd/pull/3541](https://github.com/fluent/fluentd/pull/3541)3541
-   in_tail: Fixed a bug that the beginning and initial lines are lost
after startup when `read_from_head false` and path includes wildcard
'\*'.[https://github.com/fluent/fluentd/pull/3542](https://github.com/fluent/fluentd/pull/3542)/3542
-   Fixed a bug that processing messages were lost when
    BufferChunkOverflowError was thrown even though only a specific
message size exceeds
chunk_limi[https://github.com/fluent/fluentd/pull/3553](https://github.com/fluent/fluentd/pull/3553)t[https://github.com/fluent/fluentd/pull/3562](https://github.com/fluent/fluentd/pull/3562)luentd/pull/3562

##### Misc

-   Bump up required version of `win32-service` gem.
newer version is required to implement additional `fluent-ctl` commands.

[https://github.com/fluent/fluentd/pull/3556](https://github.com/fluent/fluentd/pull/3556)3556

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no
schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/grafana/loki).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44LjEiLCJ1cGRhdGVkSW5WZXIiOiIzNy44LjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
  • Loading branch information
renovate[bot] authored Oct 10, 2023
1 parent 0be1913 commit b2c4511
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion clients/cmd/fluentd/docker/Gemfile
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,5 @@

source 'https://rubygems.org'

gem 'fluentd', '1.14.2'
gem 'fluentd', '1.15.3'
gem 'fluent-plugin-multi-format-parser', '~>1.0.0'

0 comments on commit b2c4511

Please sign in to comment.