From b2c4511a4472f43e68c199f837c35f8e9276f8bf Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 10 Oct 2023 16:12:37 +0200
Subject: [PATCH] chore(deps): update dependency fluentd to v1.15.3 [security] (main) (#10839)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [fluentd](https://www.fluentd.org/) ([source](https://togithub.com/fluent/fluentd)) | `'1.14.2'` -> `'1.15.3'` | [![age](https://developer.mend.io/api/mc/badges/age/rubygems/fluentd/1.15.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/rubygems/fluentd/1.15.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/rubygems/fluentd/'1.14.2'/1.15.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/rubygems/fluentd/'1.14.2'/1.15.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) |

### GitHub Vulnerability Alerts

#### [CVE-2022-39379](https://togithub.com/fluent/fluentd/security/advisories/GHSA-fppq-mj76-fpj2)

### Impact

A remote code execution (RCE) vulnerability in non-default configurations of Fluentd allows unauthenticated attackers to execute arbitrary code via specially crafted JSON payloads.

Fluentd setups are only affected if the environment variable `FLUENT_OJ_OPTION_MODE` is explicitly set to `object`.

Please note: The option FLUENT_OJ_OPTION_MODE was introduced in Fluentd version 1.13.2. Earlier versions of Fluentd are not affected by this vulnerability.

### Patches

v1.15.3

### Workarounds

Do not use `FLUENT_OJ_OPTION_MODE=object`.

### References

* GHSL-2022-067

---

### Release Notes
fluent/fluentd (fluentd)

### [`v1.15.3`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1153---20221102)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.15.2...v1.15.3)

##### Bug Fix

- Support glob for `!include` directive in YAML config format [https://github.com/fluent/fluentd/pull/3917](https://togithub.com/fluent/fluentd/pull/3917)
- Remove meaningless oj options [https://github.com/fluent/fluentd/pull/3929](https://togithub.com/fluent/fluentd/pull/3929)
- Fix log initializer to correctly create per-process files on Windows [https://github.com/fluent/fluentd/pull/3939](https://togithub.com/fluent/fluentd/pull/3939)
- out_file: Fix the multi-worker check with `` directive [https://github.com/fluent/fluentd/pull/3942](https://togithub.com/fluent/fluentd/pull/3942)

##### Misc

- Fix broken tests on Ruby 3.2 [https://github.com/fluent/fluentd/pull/3883](https://togithub.com/fluent/fluentd/pull/3883) [https://github.com/fluent/fluentd/pull/3922](https://togithub.com/fluent/fluentd/pull/3922)

### [`v1.15.2`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1152---20220822)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.15.1...v1.15.2)

##### Enhancement

- Add a new system configuration `enable_jit` [https://github.com/fluent/fluentd/pull/3857](https://togithub.com/fluent/fluentd/pull/3857)

##### Bug Fix

- out_file: Fix append mode with `--daemon` flag [https://github.com/fluent/fluentd/pull/3864](https://togithub.com/fluent/fluentd/pull/3864)
- child_process: Plug file descriptor leak [https://github.com/fluent/fluentd/pull/3844](https://togithub.com/fluent/fluentd/pull/3844)

##### Misc

- Drop win32-api gem to support Ruby 3.2 [https://github.com/fluent/fluentd/pull/3849](https://togithub.com/fluent/fluentd/pull/3849) [https://github.com/fluent/fluentd/pull/3866](https://togithub.com/fluent/fluentd/pull/3866)

### [`v1.15.1`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1151---20220727)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.15.0...v1.15.1)

##### Bug Fix

- Add support for concurrent append in out_file [https://github.com/fluent/fluentd/pull/3808](https://togithub.com/fluent/fluentd/pull/3808)

##### Misc

- in_tail: Show more information on skipping update_watcher [https://github.com/fluent/fluentd/pull/3829](https://togithub.com/fluent/fluentd/pull/3829)

### [`v1.15.0`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1150---20220629)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.14.6...v1.15.0)

##### Enhancement

- in_tail: Add log throttling in files based on group rules [https://github.com/fluent/fluentd/pull/3535](https://togithub.com/fluent/fluentd/pull/3535) [https://github.com/fluent/fluentd/pull/3771](https://togithub.com/fluent/fluentd/pull/3771)
- Add `dump` command to fluent-ctl [https://github.com/fluent/fluentd/pull/3680](https://togithub.com/fluent/fluentd/pull/3680)
- Handle YAML configuration format on configuration file [https://github.com/fluent/fluentd/pull/3712](https://togithub.com/fluent/fluentd/pull/3712)
- Add `restart_worker_interval` parameter in `` directive to set interval to restart workers that has stopped for some reas [https://github.com/fluent/fluentd/pull/3768](https://togithub.com/fluent/fluentd/pull/3768)

##### Bug fixes

- out_forward: Fix to update timeout of cached sockets [https://github.com/fluent/fluentd/pull/3711](https://togithub.com/fluent/fluentd/pull/3711)
- in_tail: Fix a possible crash on file rotation when `follow_inodes true` [https://github.com/fluent/fluentd/pull/3754](https://togithub.com/fluent/fluentd/pull/3754)
- output: Fix a possible crash of flush thread [https://github.com/fluent/fluentd/pull/3755](https://togithub.com/fluent/fluentd/pull/3755)
- in_tail: Fix crash bugs on Ruby 3.1 on Windows [https://github.com/fluent/fluentd/pull/3766](https://togithub.com/fluent/fluentd/pull/3766)
- in_tail: Fix a bug that in_tail cannot open non-ascii path on Windows [https://github.com/fluent/fluentd/pull/3774](https://togithub.com/fluent/fluentd/pull/3774)
- Fix a bug that fluentd doesn't release its own log file even after rotated by external to [https://github.com/fluent/fluentd/pull/3782](https://togithub.com/fluent/fluentd/pull/3782)

##### Misc

- in_tail: Simplify TargetInfo related code [https://github.com/fluent/fluentd/pull/3489](https://togithub.com/fluent/fluentd/pull/3489)
- Fix a wrong issue number in CHANGELOG [https://github.com/fluent/fluentd/pull/3700](https://togithub.com/fluent/fluentd/pull/3700)
- server helper: Add comments to linger_timeout behavior about Windows [https://github.com/fluent/fluentd/pull/3701](https://togithub.com/fluent/fluentd/pull/3701)
- service_discovery: Fix typo [https://github.com/fluent/fluentd/pull/3724](https://togithub.com/fluent/fluentd/pull/3724)
- test: Fix unstable tests and warnings [https://github.com/fluent/fluentd/pull/3745](https://togithub.com/fluent/fluentd/pull/3745) [https://github.com/fluent/fluentd/pull/3753](https://togithub.com/fluent/fluentd/pull/3753) [https://github.com/fluent/fluentd/pull/3767](https://togithub.com/fluent/fluentd/pull/3767) [https://github.com/fluent/fluentd/pull/3783](https://togithub.com/fluent/fluentd/pull/3783) [https://github.com/fluent/fluentd/pull/3784](https://togithub.com/fluent/fluentd/pull/3784) [https://github.com/fluent/fluentd/pull/3785](https://togithub.com/fluent/fluentd/pull/3785) [https://github.com/fluent/fluentd/pull/3787](https://togithub.com/fluent/fluentd/pull/3787)

### [`v1.14.6`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1146---20220331)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.14.5...v1.14.6)

##### Enhancement

- Enable server plugins to specify socket-option `SO_LINGER` [https://github.com/fluent/fluentd/pull/3644](https://togithub.com/fluent/fluentd/pull/3644)
- Add `--umask` command line parameter [https://github.com/fluent/fluentd/pull/3671](https://togithub.com/fluent/fluentd/pull/3671) [https://github.com/fluent/fluentd/pull/3679](https://togithub.com/fluent/fluentd/pull/3679)

##### Bug fixes

- Fix metric name typo [https://github.com/fluent/fluentd/pull/3630](https://togithub.com/fluent/fluentd/pull/3630) [https://github.com/fluent/fluentd/pull/3673](https://togithub.com/fluent/fluentd/pull/3673)
- Apply modifications in pipeline to the records being passed to `@ERROR` label [https://github.com/fluent/fluentd/pull/3631](https://togithub.com/fluent/fluentd/pull/3631)
- Fix wrong calculation of retry interval [https://github.com/fluent/fluentd/pull/3640](https://togithub.com/fluent/fluentd/pull/3640) [https://github.com/fluent/fluentd/pull/3649](https://togithub.com/fluent/fluentd/pull/3649) [https://github.com/fluent/fluentd/pull/3685](https://togithub.com/fluent/fluentd/pull/3685) [https://github.com/fluent/fluentd/pull/3686](https://togithub.com/fluent/fluentd/pull/3686)
- Support IPv6 address for `rpc_endpoint` in `system` config [https://github.com/fluent/fluentd/pull/3641](https://togithub.com/fluent/fluentd/pull/3641)

##### Misc

- CI: Support Ruby 3.1 except Windows [https://github.com/fluent/fluentd/pull/3619](https://togithub.com/fluent/fluentd/pull/3619)
- Switch to GitHub Discussions [https://github.com/fluent/fluentd/pull/3654](https://togithub.com/fluent/fluentd/pull/3654)
- Fix CHANGELOG.md heading styles [https://github.com/fluent/fluentd/pull/3648](https://togithub.com/fluent/fluentd/pull/3648)
- Declare `null_value_pattern` as `regexp` [https://github.com/fluent/fluentd/pull/3650](https://togithub.com/fluent/fluentd/pull/3650)

### [`v1.14.5`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1145---20220209)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.14.4...v1.14.5)

##### Enhancement

- Add support for "application/x-ndjson" to `in_http` [https://github.com/fluent/fluentd/pull/3616](https://togithub.com/fluent/fluentd/pull/3616)
- Add support for ucrt binary for Windows [https://github.com/fluent/fluentd/pull/3613](https://togithub.com/fluent/fluentd/pull/3613)

##### Bug fixes

- Don't retry when `retry_max_times == 0` [https://github.com/fluent/fluentd/pull/3608](https://togithub.com/fluent/fluentd/pull/3608)
- Fix hang-up issue during TLS handshake in `out_forward` [https://github.com/fluent/fluentd/pull/3601](https://togithub.com/fluent/fluentd/pull/3601)
- Bump up required ServerEngine to v2.2.5 [https://github.com/fluent/fluentd/pull/3599](https://togithub.com/fluent/fluentd/pull/3599)
- Fix "invalid byte sequence is replaced" warning on Kubernetes [https://github.com/fluent/fluentd/pull/3596](https://togithub.com/fluent/fluentd/pull/3596)
- Fix "ArgumentError: unknown keyword: :logger" on Windows with Ruby 3.1 [https://github.com/fluent/fluentd/pull/3592](https://togithub.com/fluent/fluentd/pull/3592)

### [`v1.14.4`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1144---20220106)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.14.3...v1.14.4)

##### Enhancement

- `in_tail`: Add option to skip long lines (`max_line_size`) [https://github.com/fluent/fluentd/pull/3565](https://togithub.com/fluent/fluentd/pull/3565)

##### Bug fix

- Incorrect BufferChunkOverflowError when each event size is < `chunk_limit_size` [https://github.com/fluent/fluentd/pull/3560](https://togithub.com/fluent/fluentd/pull/3560)
- On macOS with Ruby 2.7/3.0, `out_file` fails to write events if `append` is true. [https://github.com/fluent/fluentd/pull/3579](https://togithub.com/fluent/fluentd/pull/3579)
- test: Fix unstable test cases [https://github.com/fluent/fluentd/pull/3574](https://togithub.com/fluent/fluentd/pull/3574) [https://github.com/fluent/fluentd/pull/3577](https://togithub.com/fluent/fluentd/pull/3577)

### [`v1.14.3`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1143---20211126)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.14.2...v1.14.3)

##### Enhancement

- Changed to accept `http_parser.rb` 0.8.0. `http_parser.rb` 0.8.0 is ready for Ractor. [https://github.com/fluent/fluentd/pull/3544](https://togithub.com/fluent/fluentd/pull/3544)

##### Bug fix

- in_tail: Fixed a bug that no new logs are read when `enable_stat_watcher true` and `enable_watch_timer false` is set. [https://github.com/fluent/fluentd/pull/3541](https://togithub.com/fluent/fluentd/pull/3541)
- in_tail: Fixed a bug that the beginning and initial lines are lost after startup when `read_from_head false` and path includes wildcard '\*'. [https://github.com/fluent/fluentd/pull/3542](https://togithub.com/fluent/fluentd/pull/3542)
- Fixed a bug that processing messages were lost when BufferChunkOverflowError was thrown even though only a specific message size exceeds chunk_limi [https://github.com/fluent/fluentd/pull/3553](https://togithub.com/fluent/fluentd/pull/3553) [https://github.com/fluent/fluentd/pull/3562](https://togithub.com/fluent/fluentd/pull/3562)

##### Misc

- Bump up required version of `win32-service` gem. newer version is required to implement additional `fluent-ctl` commands. [https://github.com/fluent/fluentd/pull/3556](https://togithub.com/fluent/fluentd/pull/3556)

--- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/grafana/loki). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- clients/cmd/fluentd/docker/Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clients/cmd/fluentd/docker/Gemfile b/clients/cmd/fluentd/docker/Gemfile index 1d9635a6e8c5d..981d6e701e63b 100644 --- a/clients/cmd/fluentd/docker/Gemfile +++ b/clients/cmd/fluentd/docker/Gemfile @@ -2,5 +2,5 @@ source 'https://rubygems.org' -gem 'fluentd', '1.14.2' +gem 'fluentd', '1.15.3' gem 'fluent-plugin-multi-format-parser', '~>1.0.0'
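
Review bot: The new line `gem 'fluentd', '1.15.3'` in clients/cmd/fluentd/docker/Gemfile keeps an exact version pin, so the next Fluentd security release will again need a manual bump, whereas the neighbouring `fluent-plugin-multi-format-parser` line already uses a pessimistic constraint (`'~>1.0.0'`). Consider `'~> 1.15.3'` if patch-level updates are acceptable for this image, or keep the exact pin deliberately if reproducible builds matter more, since the diffstat shows no lockfile in this change. Separately, the advisory quoted in the commit message says only setups with `FLUENT_OJ_OPTION_MODE=object` are affected, so it is worth confirming that the Docker image built from this Gemfile does not set that variable, and noting that this bump crosses a minor release (1.14.2 to 1.15.3) with listed `out_file` and `in_tail` behaviour fixes but no test change in the patch.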