chore(deps): update dependency fluentd to v1.14.2 [security] (release-2.9.x)#10822

Merged

kavirajk merged 1 commit into

release-2.9.xfrom

deps-update/release-2.9.x-rubygems-fluentd-vulnerability

Oct 9, 2023

renovate Bot commented Oct 9, 2023 •

edited

Loading

Contributor

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
fluentd (source)	`'1.9.0'` -> `'1.14.2'`

GitHub Vulnerability Alerts

CVE-2021-41186

Impact

parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain pattern of string can spend too much time in a regular expression, resulting in the potential for a DoS attack.

Patches

v1.14.2

Workarounds

Either of the following:

Don't use parser_apache2 for parsing logs which cannot guarantee generated by Apache.
Put patched version of parser_apache2.rb into /etc/fluent/plugin directory (or any other directories specified by the environment variable FLUENT_PLUGIN or --plugin option of fluentd).

References

ReDoS vulnerability in parser_apache2

CVE-2021-41186 / GHSA-hwhf-64mh-r662

More information

Details

Impact

parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain pattern of string can spend too much time in a regular expression, resulting in the potential for a DoS attack.

Patches

v1.14.2

Workarounds

Either of the following:

Don't use parser_apache2 for parsing logs which cannot guarantee generated by Apache.
Put patched version of parser_apache2.rb into /etc/fluent/plugin directory (or any other directories specified by the environment variable FLUENT_PLUGIN or --plugin option of fluentd).

References

Severity

CVSS Score: 5.9 / 10 (Medium)
Vector String: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Release Notes

fluent/fluentd (fluentd)

`v1.14.2`

IMPORTANT: This release contain the fix for CVE-2021-41186 -
ReDoS vulnerability in parser_apache2.
This vulnerability is affected from Fluentd v0.14.14 to v1.14.1.
We recommend to upgrade Fluentd to v1.14.2 or use patched version of
parser_apache2 plugin.

Enhancement

fluent-cat: Add --event-time option to send specified event time for testing.
https://github.com/fluent/fluentd/pull/35283528

Bug fix

Fixed to generate correct epoch timestamp even after switching Daylight Saving Time
https://github.com/fluent/fluentd/pull/35243524
Fixed ReDoS vulnerability in parser_apache2.
This vulnerability is caused by a certain pattern of a broken apache log.

`v1.14.1`

Enhancement

in_tail: Added file related metrics.
These metrics should be collected same as fluent-bit's in_tahttps://github.com/fluent/fluentd/pull/3504ull/3504
out_forward: Changed to use metrics mechanism for node statistics
https://github.com/fluent/fluentd/pull/35063506

Bug fix

in_tail: Fixed a crash bug that it raise undefined method of eof? error.
This error may happen only when read_bytes_limit_per_second was specified.
https://github.com/fluent/fluentd/pull/35003500
out_forward: Fixed a bug that node statistics information is not included correctly.
https://github.com/fluent/fluentd/pull/35033https://github.com/fluent/fluentd/pull/3507ull/3507
Fixed a error when using @include directive
It was occurred when http/https scheme URI is used in @include directive with Ruby 3.
https://github.com/fluent/fluentd/pull/35173517
out_copy: Fixed to suppress a wrong warning for ignore_if_prev_success
It didn't work even if a user set https://github.com/fluent/fluentd/pull/3515ull/3515
Fixed not to output nanoseconds field of next retry time in warning log
Then, inappropriate labels in log are also fixed. (retry_time -> retry_times,
next_retry_seconds -> next_retrhttps://github.com/fluent/fluentd/pull/3518td/pull/3518

`v1.14.0`

Enhancement

Added enable_input_metrics, enable_size_metrics system
configuration parameter
This feature might need to pay higher CPU cost, so input event metrics
features are disabled by default. These features are also enabled by
--enable-input-metrics,--enable-size-metrics command line
optihttps://github.com/fluent/fluentd/pull/3440ull/3440
Added reserved word @ROOT for getting root router.
This is incompatible change. Do not use @ROOT for label name.
https://github.com/fluent/fluentd/pull/33583358
in_syslog: Added send_keepalive_packet option
https://github.com/fluent/fluentd/pull/34743474
in_http: Added cors_allow_credentials option.
This option tells browsers whether to expose the response to
frontend when the credentials mode is "inhttps://github.com/fluent/fluentd/pull/3481thttps://github.com/fluent/fluentd/pull/3491luentd/pull/3491

Bug fix

in_tail: Fixed a bug that deleted paths are not removed
from pos file by file compaction at starthttps://github.com/fluent/fluentd/pull/3467ull/3467
in_tail: Revived a warning message of retrying unaccessible file
https://github.com/fluent/fluentd/pull/34783478
TLSServer: Fixed a crash bug on logging peer host name errors
https://github.com/fluent/fluentd/pull/34833483

Misc

Added metrics plugin mechanism
The implementations is changed to use metrics plugin.
In the future, 3rd party plugin will be able to handle these mhttps://github.com/fluent/fluentd/pull/3471thttps://github.com/fluent/fluentd/pull/3473lhttps://github.com/fluent/fluentd/pull/3479nhttps://github.com/fluent/fluentd/pull/3484buffer: Use metrics plugin mechanism on a plugin base class fluent/fluentd#3484

`v1.13.3`

Bug fix

in_tail: Care DeletePending state on Windows
https://github.com/fluent/fluentd/pull/34573https://github.com/fluent/fluentd/pull/3460ull/3460
in_tail: Fix some pos_file bugs.
Avoid deleting pos_file entries unexpectedly when both
pos_file_compaction_interval and follow_inode are enabled.
Use bytesize instead of size for path length.
https://github.com/fluent/fluentd/pull/34593459
in_tail: Fix detecting rotation twice on follow_inode.
https://github.com/fluent/fluentd/pull/34663466

Misc

Remove needless spaces in a sample config file
https://github.com/fluent/fluentd/pull/34563456

`v1.13.2`

Enhancement

fluent-plugin-generate: Storage plugin was supported.
https://github.com/fluent/fluentd/pull/34263426
parser_json: Added support to customize configuration of oj options.
Use FLUENT_OJ_OPTION_BIGDECIMAL_LOAD, FLUENT_OJ_OPTION_MAX_NESTING,
FLUENT_OJ_OPTION_MODE, and FLUENT_OJ_OPTION_USE_TO_JSON environment
variable to configure https://github.com/fluent/fluentd/pull/3315ull/3315

Bug fix

binlog_reader: Fixed a crash bug by missing "fluent/env" dependency.
https://github.com/fluent/fluentd/pull/34433443
Fixed a crash bug on outputting log at the early stage when parsing
config file. This is a regression since v1.13.0. If you use invalid
'@' prefix parameter, remove it as https://github.com/fluent/fluentd/pull/3451/fluentd/pull/3451
in_tail: Fixed a bug that when rotation is occurred, remaining lines
will be discarded if the throttling feature is enablhttps://github.com/fluent/fluentd/pull/3390ull/3390
fluent-plugin-generate: Fixed a crash bug during gemspec generation.
It was unexpectedly introduced by #3305, thus this bug was a
regression since 1.12https://github.com/fluent/fluentd/pull/3444ull/3444

Misc

Fixed the runtime dependency version of http_parse.rb to 0.7.0.
It was fixed because false positive detection is occurred frequently
by security scanninghttps://github.com/fluent/fluentd/pull/3450td/pull/3450

`v1.13.1`

Bug fix

out_forward: Fixed a race condition on handshake
It's caused by using a same unpacker from multiple threahttps://github.com/fluent/fluentd/pull/3405uhttps://github.com/fluent/fluentd/pull/3406td/pull/3406
in_tail: Fixed to remove too much verbose debugging logs
It was unexpectedly introduced by #3185 log throttling feature.
https://github.com/fluent/fluentd/pull/34183418
Fixed not to echo back the provides path as is on a 404 error
There was a potential cross-site scripting vector even though
it is quite difficult to ehttps://github.com/fluent/fluentd/pull/3427td/pull/3427

Misc

Pretty print for Fluent::Config::Section has been supported
for debugghttps://github.com/fluent/fluentd/pull/3398ull/3398
CI: Dropped to run CI for Ruby 2.5
https://github.com/fluent/fluentd/pull/34123412

`v1.13.0`

Enhancement

in_tail: Handle log throttling per file feature
https://github.com/fluent/fluentd/pull/31853https://github.com/fluent/fluentd/pull/3364uhttps://github.com/fluent/fluentd/pull/3379td/pull/3379
Extend to support service discovery manager in simpler way
https://github.com/fluent/fluentd/pull/32993https://github.com/fluent/fluentd/pull/3362ull/3362
in_http: HTTP GET requests has been supported
https://github.com/fluent/fluentd/pull/33733373
The log rotate settings in system configuration has been supported
https://github.com/fluent/fluentd/pull/33523352

Bug fix

Fix to disable trace_instruction when
RubyVM::InstructionSequence is available. It improves
compatibility with truffleruby some extent.
https://github.com/fluent/fluentd/pull/33763376
in_tail: Safely skip files which are used by another process on
Windows. It improves exception handling about
ERROR_SHARING_VIOLATION on Windows.
https://github.com/fluent/fluentd/pull/33783378
fluent-cat: the issue resending secondary file in specific format
has been fihttps://github.com/fluent/fluentd/pull/3368ull/3368
in_tail: Shutdown immediately & safely even if reading huge files
Note that skip_refresh_on_startup must be enabled.
https://github.com/fluent/fluentd/pull/33803380

Misc

example: Change a path to backup_path in counter_server correctly
https://github.com/fluent/fluentd/pull/33593359
README: Update link to community forum to discuss.fluentd.org
https://github.com/fluent/fluentd/pull/33603360

`v1.12.4`

Bug fix

in_tail: Fix a bug that refresh_watcher fails to handle file rotations
https://github.com/fluent/fluentd/pull/33933393

`v1.12.3`

Enhancement

plugin_helper: Allow TLS to use keep-alive socket option
https://github.com/fluent/fluentd/pull/33083308

Bug fix

parser_csv, parser_syslog: Fix a naming conflict on parser_type
https://github.com/fluent/fluentd/pull/33023302
in_tail: Fix incorrect error code & message on Windows
https://github.com/fluent/fluentd/pull/33253https://github.com/fluent/fluentd/pull/3329uhttps://github.com/fluent/fluentd/pull/3331thttps://github.com/fluent/fluentd/pull/3337luentd/pull/3337
in_tail: Fix a crash bug on catching a short-lived log
https://github.com/fluent/fluentd/pull/33283328
storage_local: Fix position file corruption issue on concurrent gracefulReloads
https://github.com/fluent/fluentd/pull/33353335
Fix incorrect warnings about ${chunk_id} with out_s3
https://github.com/fluent/fluentd/pull/33393339
TLS Server: Add peer information to error log message
https://github.com/fluent/fluentd/pull/33303330

Misc

fluent-plugin-generate: add note about plugin name
https://github.com/fluent/fluentd/pull/33033303
fluent-plugin-generate: Use same depended gem version with fluentd
https://github.com/fluent/fluentd/pull/33053305
Fix some broken unit tests and improve CI's stability
https://github.com/fluent/fluentd/pull/33043https://github.com/fluent/fluentd/pull/3307uhttps://github.com/fluent/fluentd/pull/3312thttps://github.com/fluent/fluentd/pull/3313lhttps://github.com/fluent/fluentd/pull/3314nhttps://github.com/fluent/fluentd/pull/3316fhttps://github.com/fluent/fluentd/pull/3336com/Use GitHub Actions' status badges instead of Travis CI's fluent/fluentd#3336
Permit to install with win32-service 2.2.0 on Windows
https://github.com/fluent/fluentd/pull/33433343

`v1.12.2`

Enhancement

out_copy: Add ignore_if_prev_successes
https://github.com/fluent/fluentd/pull/31903https://github.com/fluent/fluentd/pull/3287ull/3287
Support multiple kind of timestamp format
https://github.com/fluent/fluentd/pull/32523252
formatter_ltsv: suppress delimiters in output
https://github.com/fluent/fluentd/pull/16661https://github.com/fluent/fluentd/pull/3288uhttps://github.com/fluent/fluentd/pull/3289td/pull/3289

Bug fix

in_tail: Expect ENOENT during stat
https://github.com/fluent/fluentd/pull/32753275
out_forward: Prevent transferring duplicate logs on restart
https://github.com/fluent/fluentd/pull/32673https://github.com/fluent/fluentd/pull/3285ull/3285
in_tail: Handle to send rotated logs when mv is used for rotating
https://github.com/fluent/fluentd/pull/32943294
fluent-plugin-config-format: Fill an uninitialized instance variable
https://github.com/fluent/fluentd/pull/32973297
Fix MessagePackEventStream issue with Enumerable methods
https://github.com/fluent/fluentd/pull/21162116

Misc

Add webrick to support Ruby 3.0
https://github.com/fluent/fluentd/pull/32573257
Suggest Discource instead of Google Groups
https://github.com/fluent/fluentd/pull/32613261
Update MAINTAINERS.md
https://github.com/fluent/fluentd/pull/32823282
Introduce DeepSource to check code quality
https://github.com/fluent/fluentd/pull/32863https://github.com/fluent/fluentd/pull/3259uhttps://github.com/fluent/fluentd/pull/3291td/pull/3291
Migrate to GitHub Actions and stabilize tests
https://github.com/fluent/fluentd/pull/32663https://github.com/fluent/fluentd/pull/3268uhttps://github.com/fluent/fluentd/pull/3281thttps://github.com/fluent/fluentd/pull/3283lhttps://github.com/fluent/fluentd/pull/3290nt/fluentd/pull/3290

`v1.12.1`

Enhancement

out_http: Add headers_from_placeholders parameter
https://github.com/fluent/fluentd/pull/32413241
fluent-plugin-config-format: Add --table option to use markdown table
https://github.com/fluent/fluentd/pull/32403240
Add --disable-shared-socket/disable_shared_socket to disable ServerEngine's shared socket setup
https://github.com/fluent/fluentd/pull/32503250

Bug fix

ca_generate: Fix creating TLS certification files which include broken extensions
https://github.com/fluent/fluentd/pull/32463246
test: Drop TLS 1.1 tests
https://github.com/fluent/fluentd/pull/32563256
Remove old gem constraints to support Ruby 3

Misc

Use GitHub Actions
https://github.com/fluent/fluentd/pull/32333https://github.com/fluent/fluentd/pull/3255ull/3255

`v1.12.0`

New feature

in_tail: Add follow_inode to support log rotation with wild card
https://github.com/fluent/fluentd/pull/31823182
in_tail: Handle linux capability
https://github.com/fluent/fluentd/pull/31553https://github.com/fluent/fluentd/pull/3162ull/3162
windows: Add win32 events alternative to unix signals
https://github.com/fluent/fluentd/pull/31313131

Enhancement

buffer: Enable metadata comparison optimization on all platforms
https://github.com/fluent/fluentd/pull/30953095
fluent-plugin-config-formatter: Handle service_discovery type
https://github.com/fluent/fluentd/pull/31783178
in_http: Add add_query_params parameter to add query params to event record
https://github.com/fluent/fluentd/pull/31973197
inject: Support unixtime_micros and unixtime_nanos in time_type
https://github.com/fluent/fluentd/pull/32203220
Refactoring code
https://github.com/fluent/fluentd/pull/31673https://github.com/fluent/fluentd/pull/3170uhttps://github.com/fluent/fluentd/pull/3180thttps://github.com/fluent/fluentd/pull/3196lhttps://github.com/fluent/fluentd/pull/3213nhttps://github.com/fluent/fluentd/pull/3222test_parser_syslog: Fix 2020-year failure fluent/fluentd#3222

Bug fix

output: Prevent retry.step from being called too many times in a short time
https://github.com/fluent/fluentd/pull/32033203

`v1.11.5`

Enhancement

formatter: Provide newline parameter to support CRLF
https://github.com/fluent/fluentd/pull/31523152
out_http: adding support for intermediate certificates
https://github.com/fluent/fluentd/pull/31463146
Update serverengine dependency to 2.2.2 or later

Bug fix

Fix a bug that windows service isn't stopped gracefuly
https://github.com/fluent/fluentd/pull/31563156

`v1.11.4`

Enhancement

inject: Support unixtime_millis in time_type parameter
https://github.com/fluent/fluentd/pull/31453145

Bug fix

out_http: Fix broken data with json_array true
https://github.com/fluent/fluentd/pull/31443144
output: Fix wrong logging issue for ${chunk_id}
https://github.com/fluent/fluentd/pull/31343134

`v1.11.3`

Enhancement

in_exec: Add connect_mode parameter to read stderr
https://github.com/fluent/fluentd/pull/31083108
parser_json: Improve the performance
https://github.com/fluent/fluentd/pull/31093109
log: Add ignore_same_log_interval parameter
https://github.com/fluent/fluentd/pull/31193119
Upgrade win32 gems
https://github.com/fluent/fluentd/pull/31003100
Refactoring code
https://github.com/fluent/fluentd/pull/30943https://github.com/fluent/fluentd/pull/3118ull/3118

Bug fix

buffer: Fix calculation of timekey stats
https://github.com/fluent/fluentd/pull/30183018
buffer: fix binmode usage for prevent gc
https://github.com/fluent/fluentd/pull/31383138

`v1.11.2`

Enhancement

in_dummy renamed to in_sample
https://github.com/fluent/fluentd/pull/30653065
Allow regular expression in filter/match directive
https://github.com/fluent/fluentd/pull/30713071
Refactoring code
https://github.com/fluent/fluentd/pull/30513051

Bug fix

buffer: Fix log message for chunk_limit_records case
https://github.com/fluent/fluentd/pull/30793079
buffer: Fix timekey optimization for non-windows platform
https://github.com/fluent/fluentd/pull/30923092
cert: Raise an error for broken certificate file
https://github.com/fluent/fluentd/pull/30863086
cert: Set TLS ciphers list correcty on older OpenSSL
https://github.com/fluent/fluentd/pull/30933093

`v1.11.1`

Enhancement

in_http: Add dump_error_log parameter
https://github.com/fluent/fluentd/pull/30353035
in_http: Improve time field handling
https://github.com/fluent/fluentd/pull/30463046
Refactoring code
https://github.com/fluent/fluentd/pull/30473047

Bug fix

in_tail: Use actual path instead of based pattern for ignore list
https://github.com/fluent/fluentd/pull/30423042
child_process helper: Fix child process failure due to SIGPIPE if the command uses stdout
https://github.com/fluent/fluentd/pull/30443044

`v1.11.0`

New feature

in_unix: Use v1 API
https://github.com/fluent/fluentd/pull/29922992

Enhancement

parser_syslog: Support any time_format for RFC3164 string parser
https://github.com/fluent/fluentd/pull/30143014
parser_syslog: Add new parser for RFC5424
https://github.com/fluent/fluentd/pull/30153015
Refactoring code
https://github.com/fluent/fluentd/pull/30193019

Bug fix

in_gc_stat: Add use_symbol_keys parameter to emit string key record
https://github.com/fluent/fluentd/pull/30083008

`v1.10.4`

Enhancement

out_http: Support single json array payload
https://github.com/fluent/fluentd/pull/29732973
Refactoring
https://github.com/fluent/fluentd/pull/29882988

Bug fix

supervisor: Call File.umask(0) for standalone worker
https://github.com/fluent/fluentd/pull/29872987
out_forward: Fix ZeroDivisionError issue with weight 0
https://github.com/fluent/fluentd/pull/29892989

`v1.10.3`

Enhancement

record_accessor: Add set method
https://github.com/fluent/fluentd/pull/29772977
config: Ruby DSL format is deprecated
https://github.com/fluent/fluentd/pull/29582958
Refactor code
https://github.com/fluent/fluentd/pull/29612https://github.com/fluent/fluentd/pull/2962uhttps://github.com/fluent/fluentd/pull/2965thttps://github.com/fluent/fluentd/pull/2966lhttps://github.com/fluent/fluentd/pull/2978nt/fluentd/pull/2978

Bug fix

out_forward: Disable linger_timeout setting on Windows
https://github.com/fluent/fluentd/pull/29592959
out_forward: Fix warning of service discovery manager when fluentd stops
https://github.com/fluent/fluentd/pull/29742974

`v1.10.2`

Enhancement

out_copy: Add plugin_id to log message
https://github.com/fluent/fluentd/pull/29342934
socket: Allow cert chains in mutual auth
https://github.com/fluent/fluentd/pull/29302930
system: Add ignore_repeated_log_interval parameter
https://github.com/fluent/fluentd/pull/29372937
windows: Allow to launch fluentd from whitespace included path
https://github.com/fluent/fluentd/pull/29202920
Refactor code
https://github.com/fluent/fluentd/pull/29352https://github.com/fluent/fluentd/pull/2936uhttps://github.com/fluent/fluentd/pull/2938thttps://github.com/fluent/fluentd/pull/2939lhttps://github.com/fluent/fluentd/pull/2946nt/fluentd/pull/2946

Bug fix

in_syslog: Fix octet-counting mode bug
https://github.com/fluent/fluentd/pull/29422942
out_forward: Create timer for purging obsolete sockets when keepalive_timeout is not set
https://github.com/fluent/fluentd/pull/29432943
out_forward: Need authentication when sending tcp heartbeat with keepalive
https://github.com/fluent/fluentd/pull/29452945
command: Fix fluent-debug start failure
https://github.com/fluent/fluentd/pull/29482948
command: Fix regression of supervisor's worker and --daemon combo
https://github.com/fluent/fluentd/pull/29502950

`v1.10.1`

Enhancement

command: --daemon and --no-supervisor now work together
https://github.com/fluent/fluentd/pull/29122912
Refactor code
https://github.com/fluent/fluentd/pull/29132913

Bug fix

in_tail: Fix pos_file_compaction_interval parameter type
https://github.com/fluent/fluentd/pull/29212921
in_tail: Fix seek position update after compaction
https://github.com/fluent/fluentd/pull/29222922
parser_syslog: Fix regression in the with_priority and RFC5424 case
https://github.com/fluent/fluentd/pull/29232923

Misc

Add document for security audit
https://github.com/fluent/fluentd/pull/29112911

`v1.10.0`

New feature

sd plugin: Add SRV record plugin
https://github.com/fluent/fluentd/pull/28762876

Enhancement

server: Add cert_verifier parameter for TLS transport
https://github.com/fluent/fluentd/pull/28882888
parser_syslog: Support customized time format
https://github.com/fluent/fluentd/pull/28862886
in_dummy: Delete suspend parameter
https://github.com/fluent/fluentd/pull/28972897
Refactor code
https://github.com/fluent/fluentd/pull/28582https://github.com/fluent/fluentd/pull/2862uhttps://github.com/fluent/fluentd/pull/2864thttps://github.com/fluent/fluentd/pull/2869lhttps://github.com/fluent/fluentd/pull/2870nhttps://github.com/fluent/fluentd/pull/2874fhttps://github.com/fluent/fluentd/pull/2881chttps://github.com/fluent/fluentd/pull/2885hhttps://github.com/fluent/fluentd/pull/2894/https://github.com/fluent/fluentd/pull/2896phttps://github.com/fluent/fluentd/pull/2898 https://github.com/fluent/fluentd/pull/2899
https://github.com/fluent/fluentd/pull/29002https://github.com/fluent/fluentd/pull/2901uhttps://github.com/fluent/fluentd/pull/2906td/pull/2901
It can take some time to output lines fluent/fluentd#2906

Bug fix

out_forward: windows: Permit to specify linger_timeout
https://github.com/fluent/fluentd/pull/28682868
parser_syslog: Fix syslog format detection
https://github.com/fluent/fluentd/pull/28792879
buffer: Fix available_buffer_space_ratio calculation
https://github.com/fluent/fluentd/pull/28822882
tls: Support CRLF based X.509 certificates
https://github.com/fluent/fluentd/pull/28902890
msgpack_factory mixin: Fix performance penalty for deprecation log
https://github.com/fluent/fluentd/pull/29032903

`v1.9.3`

Enhancement

in_tail: Emit buffered lines as unmatched_line at shutdown phase when emit_unmatched_lines true
https://github.com/fluent/fluentd/pull/28372837
Specify directory mode explicitly
https://github.com/fluent/fluentd/pull/28272827
server helper: Change SSLError log level to warn in accept
https://github.com/fluent/fluentd/pull/28612861
Refactor code
https://github.com/fluent/fluentd/pull/28292https://github.com/fluent/fluentd/pull/2830uhttps://github.com/fluent/fluentd/pull/2832thttps://github.com/fluent/fluentd/pull/2836lhttps://github.com/fluent/fluentd/pull/2838nhttps://github.com/fluent/fluentd/pull/2842fhttps://github.com/fluent/fluentd/pull/2843com/Flush buffer is invoked in line buffer fluent/fluentd#2843

Bug fix

buffer: Add seq to metadata that it can be unique
https://github.com/fluent/fluentd/pull/28242https://github.com/fluent/fluentd/pull/2853ull/2853
buffer: Use Tempfile as binmode for decompression
https://github.com/fluent/fluentd/pull/28472847

Misc

Add .idea to git ignore file
https://github.com/fluent/fluentd/pull/28342834
appveyor: Fix tests
https://github.com/fluent/fluentd/pull/28532https://github.com/fluent/fluentd/pull/2855ull/2855
Update pem for test
https://github.com/fluent/fluentd/pull/28392839

`v1.9.2`

Enhancement

in_tail: Add pos_file_compaction_interval parameter for auto compaction
https://github.com/fluent/fluentd/pull/28052805
command: Use given encoding when RUBYOPT has -E
https://github.com/fluent/fluentd/pull/28142814

Bug fix

command: Accept RUBYOPT with two or more options
https://github.com/fluent/fluentd/pull/28072807
command: Fix infinite loop bug when RUBYOPT is invalid
https://github.com/fluent/fluentd/pull/28132813
log: serverengine's log should be formatted with the same format of fluentd
https://github.com/fluent/fluentd/pull/28122812
in_http: Fix NoMethodError when OPTIONS request doesn't have 'Origin' header
https://github.com/fluent/fluentd/pull/28232823
parser_syslog: Improved for parsing RFC5424 structured data in parser_syslog
https://github.com/fluent/fluentd/pull/28162816

`v1.9.1`

Enhancement

http_server helper: Support HTTPS
https://github.com/fluent/fluentd/pull/27872787
in_tail: Add path_delimiter to split with any char
https://github.com/fluent/fluentd/pull/27962796
in_tail: Remove an entry from PositionaFile when it is unwatched
https://github.com/fluent/fluentd/pull/28032803
out_http: Add warning for retryable_response_code
https://github.com/fluent/fluentd/pull/28092809
parser_syslog: Add multiline RFC5424 support
https://github.com/fluent/fluentd/pull/27672767
Add TLS module to unify TLS related code
https://github.com/fluent/fluentd/pull/28022802

Bug fix

output: Add EncodingError to unrecoverable errors
https://github.com/fluent/fluentd/pull/28082808
tls: Fix TLS version handling in secure mode
https://github.com/fluent/fluentd/pull/28022802

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.


          chore(deps): update dependency fluentd to v1.14.2 [security]

a1273e1

renovate Bot requested a review from a team as a code owner

October 9, 2023 10:52

renovate Bot added area/security dependencies labels

pull-request-size Bot added the size/XS label

kavirajk approved these changes

View reviewed changes

kavirajk merged commit 0f5cee8 into release-2.9.x

kavirajk deleted the deps-update/release-2.9.x-rubygems-fluentd-vulnerability branch

October 9, 2023 14:10

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area/security dependencies size/XS