Commit
chore(deps): update dependency fluentd to v1.15.3 [security] (main) (grafana#10839)

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [fluentd](https://www.fluentd.org/) ([source](https://togithub.com/fluent/fluentd)) | `'1.14.2'` -> `'1.15.3'` | [![age](https://developer.mend.io/api/mc/badges/age/rubygems/fluentd/1.15.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/rubygems/fluentd/1.15.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/rubygems/fluentd/'1.14.2'/1.15.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/rubygems/fluentd/'1.14.2'/1.15.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) |

### GitHub Vulnerability Alerts

#### [CVE-2022-39379](https://togithub.com/fluent/fluentd/security/advisories/GHSA-fppq-mj76-fpj2)

### Impact

A remote code execution (RCE) vulnerability in non-default configurations of Fluentd allows unauthenticated attackers to execute arbitrary code via specially crafted JSON payloads.

Fluentd setups are only affected if the environment variable `FLUENT_OJ_OPTION_MODE` is explicitly set to `object`.

Please note: The option FLUENT_OJ_OPTION_MODE was introduced in Fluentd version 1.13.2. Earlier versions of Fluentd are not affected by this vulnerability.

### Patches

v1.15.3

### Workarounds

Do not use `FLUENT_OJ_OPTION_MODE=object`.

### References

* GHSL-2022-067

---

### Release Notes

<details>
<summary>fluent/fluentd (fluentd)</summary>

### [`v1.15.3`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1153---20221102)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.15.2...v1.15.3)

##### Bug Fix

- Support glob for `!include` directive in YAML config format [fluent/fluentd#3917
- Remove meaningless oj options [fluent/fluentd#3929
- Fix log initializer to correctly create per-process files on Windows [fluent/fluentd#3939
- out_file: Fix the multi-worker check with `<worker 0-N>` directive [fluent/fluentd#3942

##### Misc

- Fix broken tests on Ruby 3.2 [fluent/fluentd#3883

### [`v1.15.2`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1152---20220822)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.15.1...v1.15.2)

##### Enhancement

- Add a new system configuration `enable_jit` [fluent/fluentd#3857

##### Bug Fix

- out_file: Fix append mode with `--daemon` flag [fluent/fluentd#3864
- child_process: Plug file descriptor leak [fluent/fluentd#3844

##### Misc

- Drop win32-api gem to support Ruby 3.2 [fluent/fluentd#3849

### [`v1.15.1`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1151---20220727)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.15.0...v1.15.1)

##### Bug Fix

- Add support for concurrent append in out_file [fluent/fluentd#3808

##### Misc

- in_tail: Show more information on skipping update_watcher [fluent/fluentd#3829

### [`v1.15.0`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1150---20220629)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.14.6...v1.15.0)

##### Enhancement

- in_tail: Add log throttling in files based on group rules [fluent/fluentd#3535
- Add `dump` command to fluent-ctl [fluent/fluentd#3680
- Handle YAML configuration format on configuration file [fluent/fluentd#3712
- Add `restart_worker_interval` parameter in `<system>` directive to set interval to restart workers that has stopped for some reas[fluent/fluentd#3768

##### Bug fixes

- out_forward: Fix to update timeout of cached sockets [fluent/fluentd#3711
- in_tail: Fix a possible crash on file rotation when `follow_inodes true` [fluent/fluentd#3754
- output: Fix a possible crash of flush thread [fluent/fluentd#3755
- in_tail: Fix crash bugs on Ruby 3.1 on Windows [fluent/fluentd#3766
- in_tail: Fix a bug that in_tail cannot open non-ascii path on Windows [fluent/fluentd#3774
- Fix a bug that fluentd doesn't release its own log file even after rotated by external to[fluent/fluentd#3782

##### Misc

- in_tail: Simplify TargetInfo related code [fluent/fluentd#3489
- Fix a wrong issue number in CHANGELOG [fluent/fluentd#3700
- server helper: Add comments to linger_timeout behavior about Windows [fluent/fluentd#3701
- service_discovery: Fix typo [fluent/fluentd#3724
- test: Fix unstable tests and warnings [fluent/fluentd#3745

### [`v1.14.6`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1146---20220331)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.14.5...v1.14.6)

##### Enhancement

- Enable server plugins to specify socket-option `SO_LINGER` [fluent/fluentd#3644
- Add `--umask` command line parameter [fluent/fluentd#3671

##### Bug fixes

- Fix metric name typo [fluent/fluentd#3630
- Apply modifications in pipeline to the records being passed to `@ERROR` label [fluent/fluentd#3631
- Fix wrong calculation of retry interval [fluent/fluentd#3640
- Support IPv6 address for `rpc_endpoint` in `system` config [fluent/fluentd#3641

##### Misc

- CI: Support Ruby 3.1 except Windows [fluent/fluentd#3619
- Switch to GitHub Discussions [fluent/fluentd#3654
- Fix CHANGELOG.md heading styles [fluent/fluentd#3648
- Declare `null_value_pattern` as `regexp` [fluent/fluentd#3650

### [`v1.14.5`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1145---20220209)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.14.4...v1.14.5)

##### Enhancement

- Add support for "application/x-ndjson" to `in_http` [fluent/fluentd#3616
- Add support for ucrt binary for Windows [fluent/fluentd#3613

##### Bug fixes

- Don't retry when `retry_max_times == 0` [fluent/fluentd#3608
- Fix hang-up issue during TLS handshake in `out_forward` [fluent/fluentd#3601
- Bump up required ServerEngine to v2.2.5 [fluent/fluentd#3599
- Fix "invalid byte sequence is replaced" warning on Kubernetes [fluent/fluentd#3596
- Fix "ArgumentError: unknown keyword: :logger" on Windows with Ruby 3.1 [fluent/fluentd#3592

### [`v1.14.4`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1144---20220106)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.14.3...v1.14.4)

##### Enhancement

- `in_tail`: Add option to skip long lines (`max_line_size`) [fluent/fluentd#3565

##### Bug fix

- Incorrect BufferChunkOverflowError when each event size is < `chunk_limit_size` [fluent/fluentd#3560
- On macOS with Ruby 2.7/3.0, `out_file` fails to write events if `append` is true. [fluent/fluentd#3579
- test: Fix unstable test cases [fluent/fluentd#3574

### [`v1.14.3`](https://togithub.com/fluent/fluentd/blob/HEAD/CHANGELOG.md#Release-v1143---20211126)

[Compare Source](https://togithub.com/fluent/fluentd/compare/v1.14.2...v1.14.3)

##### Enhancement

- Changed to accept `http_parser.rb` 0.8.0. `http_parser.rb` 0.8.0 is ready for Ractor. [fluent/fluentd#3544

##### Bug fix

- in_tail: Fixed a bug that no new logs are read when `enable_stat_watcher true` and `enable_watch_timer false` is set. [fluent/fluentd#3541
- in_tail: Fixed a bug that the beginning and initial lines are lost after startup when `read_from_head false` and path includes wildcard '\*'.[fluent/fluentd#3542
- Fixed a bug that processing messages were lost when BufferChunkOverflowError was thrown even though only a specific message size exceeds chunk_limi[fluent/fluentd#3553

##### Misc

- Bump up required version of `win32-service` gem. newer version is required to implement additional `fluent-ctl` commands. [fluent/fluentd#3556

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/grafana/loki).

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
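
The advisory quoted in the commit message gives three conditions for exposure to CVE-2022-39379: a Fluentd version that has the option (1.13.2 or later), a version older than the patched 1.15.3, and `FLUENT_OJ_OPTION_MODE` explicitly set to `object`. The following is an added example, not part of this commit or of Fluentd, that applies those conditions to a locked gem version and a process environment; the function names and the sample lockfile are hypothetical.

```ruby
# Added example: exposure check for CVE-2022-39379, built only from the
# conditions stated in the advisory text. All names here are hypothetical.

FIRST_WITH_OPTION = Gem::Version.new("1.13.2") # FLUENT_OJ_OPTION_MODE introduced
FIRST_PATCHED     = Gem::Version.new("1.15.3") # release listed under "Patches"

# Extract the locked fluentd version from Gemfile.lock text, or nil if absent.
# Resolved gems sit at four spaces of indent; dependency lines sit deeper.
def locked_fluentd_version(lockfile_text)
  m = lockfile_text.match(/^ {4}fluentd \(([^)\s]+)\)\s*$/)
  m && Gem::Version.new(m[1])
end

# Classify one deployment from its fluentd version and its environment hash.
# Assumption: the value is compared exactly, following the advisory wording.
def oj_mode_exposure(version, env)
  in_range = version >= FIRST_WITH_OPTION && version < FIRST_PATCHED
  return :not_affected_version unless in_range

  mode = env["FLUENT_OJ_OPTION_MODE"].to_s.strip
  mode == "object" ? :exposed : :affected_version_safe_config
end

# Constructed sample lockfile (not taken from the repository in this commit).
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      fluentd (1.14.2)
        msgpack (>= 1.3.1, < 2.0.0)
      msgpack (1.4.2)
LOCK

if __FILE__ == $PROGRAM_NAME
  v = locked_fluentd_version(SAMPLE_LOCK)
  [{ "FLUENT_OJ_OPTION_MODE" => "object" }, {}].each do |env|
    puts "fluentd #{v} env=#{env.inspect} -> #{oj_mode_exposure(v, env)}"
  end
end
```

Pass `ENV.to_h` from the Fluentd process's own environment (container spec, systemd unit) rather than the shell running the check, since the two can differ.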