chore(deps): update dependency fluentd to v1.14.2 [security] (main)

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
fluentd (source)	'1.9.0' -> '1.14.2'

---

ReDoS vulnerability in parser_apache2

CVE-2021-41186 / GHSA-hwhf-64mh-r662

More information

Details

Impact

parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain pattern of string can spend too much time in a regular expression, resulting in the potential for a DoS attack.

Patches

v1.14.2

Workarounds

Either of the following:

• Don't use parser_apache2 for parsing logs which cannot guarantee generated by Apache.
• Put patched version of parser_apache2.rb into /etc/fluent/plugin directory (or any other directories specified by the environment variable FLUENT_PLUGIN or --plugin option of fluentd).

References

• CVE-2021-41186
• GHSA-hwhf-64mh-r662
• GHSL-2021-102
• https://github.com/fluent/fluentd/blob/master/CHANGELOG.md#v1142

Severity

• CVSS Score: 5.9 / 10 (Medium)
• Vector String: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References

• https://github.com/fluent/fluentd/security/advisories/GHSA-hwhf-64mh-r662
• https://nvd.nist.gov/vuln/detail/CVE-2021-41186
• https://github.com/fluent/fluentd/commit/5482a3d049dab351de0be68f4b4bc562319d8511
• https://github.com/fluent/fluentd
• https://github.com/fluent/fluentd/blob/master/CHANGELOG.md#v1142
• https://github.com/github/securitylab-vulnerabilities/blob/52dc4a2a828c6dc24231967c2937ad92038184a9/vendor_reports/GHSL-2021-102-fluent-fluentd.md
• https://github.com/rubysec/ruby-advisory-db/blob/master/gems/fluentd/CVE-2021-41186.yml

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

---

Release Notes

fluent/fluentd (fluentd)

v1.14.2

Compare Source

IMPORTANT: This release contain the fix for CVE-2021-41186 -
ReDoS vulnerability in parser_apache2.
This vulnerability is affected from Fluentd v0.14.14 to v1.14.1.
We recommend to upgrade Fluentd to v1.14.2 or use patched version of
parser_apache2 plugin.

Enhancement

• fluent-cat: Add --event-time option to send specified event time for testing.
  https://github.com/fluent/fluentd/pull/35283528

Bug fix

• Fixed to generate correct epoch timestamp even after switching Daylight Saving Time
  https://github.com/fluent/fluentd/pull/35243524
• Fixed ReDoS vulnerability in parser_apache2.
  This vulnerability is caused by a certain pattern of a broken apache log.

v1.14.1

Compare Source

Enhancement

• in_tail: Added file related metrics.
  These metrics should be collected same as fluent-bit's in_tahttps://github.com/fluent/fluentd/pull/3504ull/3504
• out_forward: Changed to use metrics mechanism for node statistics
  https://github.com/fluent/fluentd/pull/35063506

Bug fix

• in_tail: Fixed a crash bug that it raise undefined method of eof? error.
  This error may happen only when read_bytes_limit_per_second was specified.
  https://github.com/fluent/fluentd/pull/35003500
• out_forward: Fixed a bug that node statistics information is not included correctly.
  https://github.com/fluent/fluentd/pull/35033https://github.com/fluent/fluentd/pull/3507ull/3507
• Fixed a error when using @include directive
  It was occurred when http/https scheme URI is used in @include directive with Ruby 3.
  https://github.com/fluent/fluentd/pull/35173517
• out_copy: Fixed to suppress a wrong warning for ignore_if_prev_success
  It didn't work even if a user set https://github.com/fluent/fluentd/pull/3515ull/3515
• Fixed not to output nanoseconds field of next retry time in warning log
  Then, inappropriate labels in log are also fixed. (retry_time -> retry_times,
  next_retry_seconds -> next_retrhttps://github.com/fluent/fluentd/pull/3518td/pull/3518

v1.14.0

Compare Source

Enhancement

• Added enable_input_metrics, enable_size_metrics system
  configuration parameter
  This feature might need to pay higher CPU cost, so input event metrics
  features are disabled by default. These features are also enabled by
  --enable-input-metrics,--enable-size-metrics command line
  optihttps://github.com/fluent/fluentd/pull/3440ull/3440
• Added reserved word @ROOT for getting root router.
  This is incompatible change. Do not use @ROOT for label name.
  https://github.com/fluent/fluentd/pull/33583358
• in_syslog: Added send_keepalive_packet option
  https://github.com/fluent/fluentd/pull/34743474
• in_http: Added cors_allow_credentials option.
  This option tells browsers whether to expose the response to
  frontend when the credentials mode is "inhttps://github.com/fluent/fluentd/pull/3481thttps://github.com/fluent/fluentd/pull/3491luentd/pull/3491

Bug fix

• in_tail: Fixed a bug that deleted paths are not removed
  from pos file by file compaction at starthttps://github.com/fluent/fluentd/pull/3467ull/3467
• in_tail: Revived a warning message of retrying unaccessible file
  https://github.com/fluent/fluentd/pull/34783478
• TLSServer: Fixed a crash bug on logging peer host name errors
  https://github.com/fluent/fluentd/pull/34833483

Misc

• Added metrics plugin mechanism
  The implementations is changed to use metrics plugin.
  In the future, 3rd party plugin will be able to handle these mhttps://github.com/fluent/fluentd/pull/3471thttps://github.com/fluent/fluentd/pull/3473lhttps://github.com/fluent/fluentd/pull/3479nhttps://github.com/fluent/fluentd/pull/3484buffer: Use metrics plugin mechanism on a plugin base class fluent/fluentd#3484

v1.13.3

Compare Source

Bug fix

• in_tail: Care DeletePending state on Windows
  https://github.com/fluent/fluentd/pull/34573https://github.com/fluent/fluentd/pull/3460ull/3460
• in_tail: Fix some pos_file bugs.
  Avoid deleting pos_file entries unexpectedly when both
  pos_file_compaction_interval and follow_inode are enabled.
  Use bytesize instead of size for path length.
  https://github.com/fluent/fluentd/pull/34593459
• in_tail: Fix detecting rotation twice on follow_inode.
  https://github.com/fluent/fluentd/pull/34663466

Misc

• Remove needless spaces in a sample config file
  https://github.com/fluent/fluentd/pull/34563456

v1.13.2

Compare Source

Enhancement

• fluent-plugin-generate: Storage plugin was supported.
  https://github.com/fluent/fluentd/pull/34263426
• parser_json: Added support to customize configuration of oj options.
  Use FLUENT_OJ_OPTION_BIGDECIMAL_LOAD, FLUENT_OJ_OPTION_MAX_NESTING,
  FLUENT_OJ_OPTION_MODE, and FLUENT_OJ_OPTION_USE_TO_JSON environment
  variable to configure https://github.com/fluent/fluentd/pull/3315ull/3315

Bug fix

• binlog_reader: Fixed a crash bug by missing "fluent/env" dependency.
  https://github.com/fluent/fluentd/pull/34433443
• Fixed a crash bug on outputting log at the early stage when parsing
  config file. This is a regression since v1.13.0. If you use invalid
  '@​' prefix parameter, remove it as https://github.com/fluent/fluentd/pull/3451/fluentd/pull/3451
• in_tail: Fixed a bug that when rotation is occurred, remaining lines
  will be discarded if the throttling feature is enablhttps://github.com/fluent/fluentd/pull/3390ull/3390
• fluent-plugin-generate: Fixed a crash bug during gemspec generation.
  It was unexpectedly introduced by #​3305, thus this bug was a
  regression since 1.12https://github.com/fluent/fluentd/pull/3444ull/3444

Misc

• Fixed the runtime dependency version of http_parse.rb to 0.7.0.
  It was fixed because false positive detection is occurred frequently
  by security scanninghttps://github.com/fluent/fluentd/pull/3450td/pull/3450

v1.13.1

Compare Source

Bug fix

• out_forward: Fixed a race condition on handshake
  It's caused by using a same unpacker from multiple threahttps://github.com/fluent/fluentd/pull/3405uhttps://github.com/fluent/fluentd/pull/3406td/pull/3406
• in_tail: Fixed to remove too much verbose debugging logs
  It was unexpectedly introduced by #​3185 log throttling feature.
  https://github.com/fluent/fluentd/pull/34183418
• Fixed not to echo back the provides path as is on a 404 error
  There was a potential cross-site scripting vector even though
  it is quite difficult to ehttps://github.com/fluent/fluentd/pull/3427td/pull/3427

Misc

• Pretty print for Fluent::Config::Section has been supported
  for debugghttps://github.com/fluent/fluentd/pull/3398ull/3398
• CI: Dropped to run CI for Ruby 2.5
  https://github.com/fluent/fluentd/pull/34123412

v1.13.0

Compare Source

Enhancement

• in_tail: Handle log throttling per file feature
  https://github.com/fluent/fluentd/pull/31853https://github.com/fluent/fluentd/pull/3364uhttps://github.com/fluent/fluentd/pull/3379td/pull/3379
• Extend to support service discovery manager in simpler way
  https://github.com/fluent/fluentd/pull/32993https://github.com/fluent/fluentd/pull/3362ull/3362
• in_http: HTTP GET requests has been supported
  https://github.com/fluent/fluentd/pull/33733373
• The log rotate settings in system configuration has been supported
  https://github.com/fluent/fluentd/pull/33523352

Bug fix

• Fix to disable trace_instruction when
  RubyVM::InstructionSequence is available. It improves
  compatibility with truffleruby some extent.
  https://github.com/fluent/fluentd/pull/33763376
• in_tail: Safely skip files which are used by another process on
  Windows. It improves exception handling about
  ERROR_SHARING_VIOLATION on Windows.
  https://github.com/fluent/fluentd/pull/33783378
• fluent-cat: the issue resending secondary file in specific format
  has been fihttps://github.com/fluent/fluentd/pull/3368ull/3368
• in_tail: Shutdown immediately & safely even if reading huge files
  Note that skip_refresh_on_startup must be enabled.
  https://github.com/fluent/fluentd/pull/33803380

Misc

• example: Change a path to backup_path in counter_server correctly
  https://github.com/fluent/fluentd/pull/33593359
• README: Update link to community forum to discuss.fluentd.org
  https://github.com/fluent/fluentd/pull/33603360

v1.12.4

Compare Source

Bug fix

• in_tail: Fix a bug that refresh_watcher fails to handle file rotations
  https://github.com/fluent/fluentd/pull/33933393

v1.12.3

Compare Source

Enhancement

• plugin_helper: Allow TLS to use keep-alive socket option
  https://github.com/fluent/fluentd/pull/33083308

Bug fix

• parser_csv, parser_syslog: Fix a naming conflict on parser_type
  https://github.com/fluent/fluentd/pull/33023302
• in_tail: Fix incorrect error code & message on Windows
  https://github.com/fluent/fluentd/pull/33253https://github.com/fluent/fluentd/pull/3329uhttps://github.com/fluent/fluentd/pull/3331thttps://github.com/fluent/fluentd/pull/3337luentd/pull/3337
• in_tail: Fix a crash bug on catching a short-lived log
  https://github.com/fluent/fluentd/pull/33283328
• storage_local: Fix position file corruption issue on concurrent gracefulReloads
  https://github.com/fluent/fluentd/pull/33353335
• Fix incorrect warnings about ${chunk_id} with out_s3
  https://github.com/fluent/fluentd/pull/33393339
• TLS Server: Add peer information to error log message
  https://github.com/fluent/fluentd/pull/33303330

Misc

• fluent-plugin-generate: add note about plugin name
  https://github.com/fluent/fluentd/pull/33033303
• fluent-plugin-generate: Use same depended gem version with fluentd
  https://github.com/fluent/fluentd/pull/33053305
• Fix some broken unit tests and improve CI's stability
  https://github.com/fluent/fluentd/pull/33043https://github.com/fluent/fluentd/pull/3307uhttps://github.com/fluent/fluentd/pull/3312thttps://github.com/fluent/fluentd/pull/3313lhttps://github.com/fluent/fluentd/pull/3314nhttps://github.com/fluent/fluentd/pull/3316fhttps://github.com/fluent/fluentd/pull/3336com/Use GitHub Actions' status badges instead of Travis CI's fluent/fluentd#3336
• Permit to install with win32-service 2.2.0 on Windows
  https://github.com/fluent/fluentd/pull/33433343

v1.12.2

Compare Source

Enhancement

• out_copy: Add ignore_if_prev_successes
  https://github.com/fluent/fluentd/pull/31903https://github.com/fluent/fluentd/pull/3287ull/3287
• Support multiple kind of timestamp format
  https://github.com/fluent/fluentd/pull/32523252
• formatter_ltsv: suppress delimiters in output
  https://github.com/fluent/fluentd/pull/16661https://github.com/fluent/fluentd/pull/3288uhttps://github.com/fluent/fluentd/pull/3289td/pull/3289

Bug fix

• in_tail: Expect ENOENT during stat
  https://github.com/fluent/fluentd/pull/32753275
• out_forward: Prevent transferring duplicate logs on restart
  https://github.com/fluent/fluentd/pull/32673https://github.com/fluent/fluentd/pull/3285ull/3285
• in_tail: Handle to send rotated logs when mv is used for rotating
  https://github.com/fluent/fluentd/pull/32943294
• fluent-plugin-config-format: Fill an uninitialized instance variable
  https://github.com/fluent/fluentd/pull/32973297
• Fix MessagePackEventStream issue with Enumerable methods
  https://github.com/fluent/fluentd/pull/21162116

Misc

• Add webrick to support Ruby 3.0
  https://github.com/fluent/fluentd/pull/32573257
• Suggest Discource instead of Google Groups
  https://github.com/fluent/fluentd/pull/32613261
• Update MAINTAINERS.md
  https://github.com/fluent/fluentd/pull/32823282
• Introduce DeepSource to check code quality
  https://github.com/fluent/fluentd/pull/32863https://github.com/fluent/fluentd/pull/3259uhttps://github.com/fluent/fluentd/pull/3291td/pull/3291
• Migrate to GitHub Actions and stabilize tests
  https://github.com/fluent/fluentd/pull/32663https://github.com/fluent/fluentd/pull/3268uhttps://github.com/fluent/fluentd/pull/3281thttps://github.com/fluent/fluentd/pull/3283lhttps://github.com/fluent/fluentd/pull/3290nt/fluentd/pull/3290

v1.12.1

Compare Source

Enhancement

• out_http: Add headers_from_placeholders parameter
  https://github.com/fluent/fluentd/pull/32413241
• fluent-plugin-config-format: Add --table option to use markdown table
  https://github.com/fluent/fluentd/pull/32403240
• Add --disable-shared-socket/disable_shared_socket to disable ServerEngine's shared socket setup
  https://github.com/fluent/fluentd/pull/32503250

Bug fix

• ca_generate: Fix creating TLS certification files which include broken extensions
  https://github.com/fluent/fluentd/pull/32463246
• test: Drop TLS 1.1 tests
  https://github.com/fluent/fluentd/pull/32563256
• Remove old gem constraints to support Ruby 3

Misc

• Use GitHub Actions
  https://github.com/fluent/fluentd/pull/32333https://github.com/fluent/fluentd/pull/3255ull/3255

v1.12.0

Compare Source

New feature

• in_tail: Add follow_inode to support log rotation with wild card
  https://github.com/fluent/fluentd/pull/31823182
• in_tail: Handle linux capability
  https://github.com/fluent/fluentd/pull/31553https://github.com/fluent/fluentd/pull/3162ull/3162
• windows: Add win32 events alternative to unix signals
  https://github.com/fluent/fluentd/pull/31313131

Enhancement

• buffer: Enable metadata comparison optimization on all platforms
  https://github.com/fluent/fluentd/pull/30953095
• fluent-plugin-config-formatter: Handle service_discovery type
  https://github.com/fluent/fluentd/pull/31783178
• in_http: Add add_query_params parameter to add query params to event record
  https://github.com/fluent/fluentd/pull/31973197
• inject: Support unixtime_micros and unixtime_nanos in time_type
  https://github.com/fluent/fluentd/pull/32203220
• Refactoring code
  https://github.com/fluent/fluentd/pull/31673https://github.com/fluent/fluentd/pull/3170uhttps://github.com/fluent/fluentd/pull/3180thttps://github.com/fluent/fluentd/pull/3196lhttps://github.com/fluent/fluentd/pull/3213nhttps://github.com/fluent/fluentd/pull/3222test_parser_syslog: Fix 2020-year failure fluent/fluentd#3222

Bug fix

• output: Prevent retry.step from being called too many times in a short time
  https://github.com/fluent/fluentd/pull/32033203

v1.11.5

Compare Source

Enhancement

• formatter: Provide newline parameter to support CRLF
  https://github.com/fluent/fluentd/pull/31523152
• out_http: adding support for intermediate certificates
  https://github.com/fluent/fluentd/pull/31463146
• Update serverengine dependency to 2.2.2 or later

Bug fix

• Fix a bug that windows service isn't stopped gracefuly
  https://github.com/fluent/fluentd/pull/31563156

v1.11.4

Compare Source

Enhancement

• inject: Support unixtime_millis in time_type parameter
  https://github.com/fluent/fluentd/pull/31453145

Bug fix

• out_http: Fix broken data with json_array true
  https://github.com/fluent/fluentd/pull/31443144
• output: Fix wrong logging issue for ${chunk_id}
  https://github.com/fluent/fluentd/pull/31343134

v1.11.3

Compare Source

Enhancement

• in_exec: Add connect_mode parameter to read stderr
  https://github.com/fluent/fluentd/pull/31083108
• parser_json: Improve the performance
  https://github.com/fluent/fluentd/pull/31093109
• log: Add ignore_same_log_interval parameter
  https://github.com/fluent/fluentd/pull/31193119
• Upgrade win32 gems
  https://github.com/fluent/fluentd/pull/31003100
• Refactoring code
  https://github.com/fluent/fluentd/pull/30943https://github.com/fluent/fluentd/pull/3118ull/3118

Bug fix

• buffer: Fix calculation of timekey stats
  https://github.com/fluent/fluentd/pull/30183018
• buffer: fix binmode usage for prevent gc
  https://github.com/fluent/fluentd/pull/31383138

v1.11.2

Compare Source

Enhancement

• in_dummy renamed to in_sample
  https://github.com/fluent/fluentd/pull/30653065
• Allow regular expression in filter/match directive
  https://github.com/fluent/fluentd/pull/30713071
• Refactoring code
  https://github.com/fluent/fluentd/pull/30513051

Bug fix

• buffer: Fix log message for chunk_limit_records case
  https://github.com/fluent/fluentd/pull/30793079
• buffer: Fix timekey optimization for non-windows platform
  https://github.com/fluent/fluentd/pull/30923092
• cert: Raise an error for broken certificate file
  https://github.com/fluent/fluentd/pull/30863086
• cert: Set TLS ciphers list correcty on older OpenSSL
  https://github.com/fluent/fluentd/pull/30933093

v1.11.1

Compare Source

Enhancement

• in_http: Add dump_error_log parameter
  https://github.com/fluent/fluentd/pull/30353035
• in_http: Improve time field handling
  https://github.com/fluent/fluentd/pull/30463046
• Refactoring code
  https://github.com/fluent/fluentd/pull/30473047

Bug fix

• in_tail: Use actual path instead of based pattern for ignore list
  https://github.com/fluent/fluentd/pull/30423042
• child_process helper: Fix child process failure due to SIGPIPE if the command uses stdout
  https://github.com/fluent/fluentd/pull/30443044

v1.11.0

Compare Source

New feature

• in_unix: Use v1 API
  https://github.com/fluent/fluentd/pull/29922992

Enhancement

• parser_syslog: Support any time_format for RFC3164 string parser
  https://github.com/fluent/fluentd/pull/30143014
• parser_syslog: Add new parser for RFC5424
  https://github.com/fluent/fluentd/pull/30153015
• Refactoring code
  https://github.com/fluent/fluentd/pull/30193019

Bug fix

• in_gc_stat: Add use_symbol_keys parameter to emit string key record
  https://github.com/fluent/fluentd/pull/30083008

v1.10.4

Compare Source

Enhancement

• out_http: Support single json array payload
  https://github.com/fluent/fluentd/pull/29732973
• Refactoring
  https://github.com/fluent/fluentd/pull/29882988

Bug fix

• supervisor: Call File.umask(0) for standalone worker
  https://github.com/fluent/fluentd/pull/29872987
• out_forward: Fix ZeroDivisionError issue with weight 0
  https://github.com/fluent/fluentd/pull/29892989

v1.10.3

Compare Source

Enhancement

• record_accessor: Add set method
  https://github.com/fluent/fluentd/pull/29772977
• config: Ruby DSL format is deprecated
  https://github.com/fluent/fluentd/pull/29582958
• Refactor code
  https://github.com/fluent/fluentd/pull/29612https://github.com/fluent/fluentd/pull/2962uhttps://github.com/fluent/fluentd/pull/2965thttps://github.com/fluent/fluentd/pull/2966lhttps://github.com/fluent/fluentd/pull/2978nt/fluentd/pull/2978

Bug fix

• out_forward: Disable linger_timeout setting on Windows
  https://github.com/fluent/fluentd/pull/29592959
• out_forward: Fix warning of service discovery manager when fluentd stops
  https://github.com/fluent/fluentd/pull/29742974

v1.10.2

Compare Source

Enhancement

• out_copy: Add plugin_id to log message
  https://github.com/fluent/fluentd/pull/29342934
• socket: Allow cert chains in mutual auth
  https://github.com/fluent/fluentd/pull/29302930
• system: Add ignore_repeated_log_interval parameter
  https://github.com/fluent/fluentd/pull/29372937
• windows: Allow to launch fluentd from whitespace included path
  https://github.com/fluent/fluentd/pull/29202920
• Refactor code
  https://github.com/fluent/fluentd/pull/29352https://github.com/fluent/fluentd/pull/2936uhttps://github.com/fluent/fluentd/pull/2938thttps://github.com/fluent/fluentd/pull/2939lhttps://github.com/fluent/fluentd/pull/2946nt/fluentd/pull/2946

Bug fix

• in_syslog: Fix octet-counting mode bug
  https://github.com/fluent/fluentd/pull/29422942
• out_forward: Create timer for purging obsolete sockets when keepalive_timeout is not set
  https://github.com/fluent/fluentd/pull/29432943
• out_forward: Need authentication when sending tcp heartbeat with keepalive
  https://github.com/fluent/fluentd/pull/29452945
• command: Fix fluent-debug start failure
  https://github.com/fluent/fluentd/pull/29482948
• command: Fix regression of supervisor's worker and --daemon combo
  https://github.com/fluent/fluentd/pull/29502950

v1.10.1

Compare Source

Enhancement

• command: --daemon and --no-supervisor now work together
  https://github.com/fluent/fluentd/pull/29122912
• Refactor code
  https://github.com/fluent/fluentd/pull/29132913

Bug fix

• in_tail: Fix pos_file_compaction_interval parameter type
  https://github.com/fluent/fluentd/pull/29212921
• in_tail: Fix seek position update after compaction
  https://github.com/fluent/fluentd/pull/29222922
• parser_syslog: Fix regression in the with_priority and RFC5424 case
  https://github.com/fluent/fluentd/pull/29232923

Misc

• Add document for security audit
  https://github.com/fluent/fluentd/pull/29112911

v1.10.0

Compare Source

New feature

• sd plugin: Add SRV record plugin
  https://github.com/fluent/fluentd/pull/28762876

Enhancement

• server: Add cert_verifier parameter for TLS transport
  https://github.com/fluent/fluentd/pull/28882888
• parser_syslog: Support customized time format
  https://github.com/fluent/fluentd/pull/28862886
• in_dummy: Delete suspend parameter
  https://github.com/fluent/fluentd/pull/28972897
• Refactor code
  https://github.com/fluent/fluentd/pull/28582https://github.com/fluent/fluentd/pull/2862uhttps://github.com/fluent/fluentd/pull/2864thttps://github.com/fluent/fluentd/pull/2869lhttps://github.com/fluent/fluentd/pull/2870nhttps://github.com/fluent/fluentd/pull/2874fhttps://github.com/fluent/fluentd/pull/2881chttps://github.com/fluent/fluentd/pull/2885hhttps://github.com/fluent/fluentd/pull/2894/https://github.com/fluent/fluentd/pull/2896phttps://github.com/fluent/fluentd/pull/2898 https://github.com/fluent/fluentd/pull/2899
  https://github.com/fluent/fluentd/pull/29002https://github.com/fluent/fluentd/pull/2901uhttps://github.com/fluent/fluentd/pull/2906td/pull/2901
  It can take some time to output lines fluent/fluentd#2906

Bug fix

• out_forward: windows: Permit to specify linger_timeout
  https://github.com/fluent/fluentd/pull/28682868
• parser_syslog: Fix syslog format detection
  https://github.com/fluent/fluentd/pull/28792879
• buffer: Fix available_buffer_space_ratio calculation
  https://github.com/fluent/fluentd/pull/28822882
• tls: Support CRLF based X.509 certificates
  https://github.com/fluent/fluentd/pull/28902890
• msgpack_factory mixin: Fix performance penalty for deprecation log
  https://github.com/fluent/fluentd/pull/29032903

v1.9.3

Compare Source

Enhancement

• in_tail: Emit buffered lines as unmatched_line at shutdown phase when emit_unmatched_lines true
  https://github.com/fluent/fluentd/pull/28372837
• Specify directory mode explicitly
  https://github.com/fluent/fluentd/pull/28272827
• server helper: Change SSLError log level to warn in accept
  https://github.com/fluent/fluentd/pull/28612861
• Refactor code
  https://github.com/fluent/fluentd/pull/28292https://github.com/fluent/fluentd/pull/2830uhttps://github.com/fluent/fluentd/pull/2832thttps://github.com/fluent/fluentd/pull/2836lhttps://github.com/fluent/fluentd/pull/2838nhttps://github.com/fluent/fluentd/pull/2842fhttps://github.com/fluent/fluentd/pull/2843com/Flush buffer is invoked in line buffer fluent/fluentd#2843

Bug fix

• buffer: Add seq to metadata that it can be unique
  https://github.com/fluent/fluentd/pull/28242https://github.com/fluent/fluentd/pull/2853ull/2853
• buffer: Use Tempfile as binmode for decompression
  https://github.com/fluent/fluentd/pull/28472847

Misc

• Add .idea to git ignore file
  https://github.com/fluent/fluentd/pull/28342834
• appveyor: Fix tests
  https://github.com/fluent/fluentd/pull/28532https://github.com/fluent/fluentd/pull/2855ull/2855
• Update pem for test
  https://github.com/fluent/fluentd/pull/28392839

v1.9.2

Compare Source

Enhancement

• in_tail: Add pos_file_compaction_interval parameter for auto compaction
  https://github.com/fluent/fluentd/pull/28052805
• command: Use given encoding when RUBYOPT has -E
  https://github.com/fluent/fluentd/pull/28142814

Bug fix

• command: Accept RUBYOPT with two or more options
  https://github.com/fluent/fluentd/pull/28072807
• command: Fix infinite loop bug when RUBYOPT is invalid
  https://github.com/fluent/fluentd/pull/28132813
• log: serverengine's log should be formatted with the same format of fluentd
  https://github.com/fluent/fluentd/pull/28122812
• in_http: Fix NoMethodError when OPTIONS request doesn't have 'Origin' header
  https://github.com/fluent/fluentd/pull/28232823
• parser_syslog: Improved for parsing RFC5424 structured data in parser_syslog
  https://github.com/fluent/fluentd/pull/28162816

v1.9.1

Compare Source

Enhancement

• http_server helper: Support HTTPS
  https://github.com/fluent/fluentd/pull/27872787
• in_tail: Add path_delimiter to split with any char
  https://github.com/fluent/fluentd/pull/27962796
• in_tail: Remove an entry from PositionaFile when it is unwatched
  https://github.com/fluent/fluentd/pull/28032803
• out_http: Add warning for retryable_response_code
  https://github.com/fluent/fluentd/pull/28092809
• parser_syslog: Add multiline RFC5424 support
  https://github.com/fluent/fluentd/pull/27672767
• Add TLS module to unify TLS related code
  https://github.com/fluent/fluentd/pull/28022802

Bug fix

• output: Add EncodingError to unrecoverable errors
  https://github.com/fluent/fluentd/pull/28082808
• tls: Fix TLS version handling in secure mode
  https://github.com/fluent/fluentd/pull/28022802

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.