Support for Fluent Bit 3.2.7
Users will now receive Fluent Bit version 3.2.7, which includes fixes for known vulnerabilities. For more details, refer https://fluentbit.io/announcements/.
Security
Previous versions of Fluent Bit in the 3.1 and 3.2 series are affected by two security vulnerabilities if customers use the OpenTelemetry input plugin or Prometheus Remote Write input. The identified vulnerabilities are: CVE-2024-50608, CVE-2024-50609.
By default, New Relic does not include these plugins in our distribution of the Fluent Bit packages in any of the instrumentation packages we provide. However, in order to support customers using these plugins and mitigate any potential impact, we recommend customers to upgrade to the latest available versions of these packages:
Hosts:
- Windows: Infrastructure Agent upgraded to v1.62.0 or later
- Linux: Infrastructure Agent upgraded to v1.62.0 or later
Kubernetes:
- newrelic-logging upgraded to v1.26.1
- nri-bundle upgraded to v5.0.115
Fluent Bit:
- New Relic Fluent Bit Output Docker Image upgraded to v2.3.0
Notes
To stay up to date with the most recent fixes and enhancements, subscribe to our Logs RSS feed.
Suporte para Fluent Bit 3.2.7
O usuário agora receberá Fluent Bit versão 3.2.7, que inclui correções para vulnerabilidades conhecidas. Para mais detalhes, consulte https://fluentbit.io/announcements/.
Segurança
Versões anteriores do Fluent Bit nas séries 3.1 e 3.2 são afetadas por duas vulnerabilidades de segurança se os clientes usarem o plug-in de entrada OpenTelemetry ou a entrada Prometheus Remote Write. As vulnerabilidades identificadas são: CVE-2024-50608, CVE-2024-50609.
Por padrão, a New Relic não inclui esses plugins em nossa distribuição dos pacotes Fluent Bit em nenhum dos pacotes de instrumentação que fornecemos. No entanto, para dar suporte aos clientes que usam esses plugins e mitigar qualquer impacto potencial, recomendamos que os clientes atualizem para as versões mais recentes disponíveis desses pacotes:
Anfitriões:
- Windows: agente de infraestrutura atualizado para v1.62.0 ou posterior
- Linux: agente de infraestrutura atualizado para v1.62.0 ou posterior
Kubernetes:
- newrelic-logging atualizado para v1.26.1
- nri-bundle atualizado para v5.0.115
Fluent Bit:
- ImagemNew Relic Fluent Bit de saída atualizada para a versão 2.3.0 Docker
Notas
Para se manter atualizado com as correções e melhorias mais recentes, assine nosso feed RSS de Logs.
Support for Fluent Bit 3.2.2
Users will now receive Fluent Bit version 3.2.2, which includes fixes for known vulnerabilities. For more details, refer https://fluentbit.io/announcements/.
Changed
- Infrastructure agent recommends Fluent Bit 3.2.2 packages.
- Fluent Bit Output Plugin Docker image uses Fluent Bit 3.2.2.
- New Relic Logging Helm chart installs the new plugin image (newrelic-logging chart version 1.25.1)
Notes
To stay up to date with the most recent fixes and enhancements, subscribe to our Logs RSS feed.
Support for Fluent Bit 3.1.9
Users will now receive Fluent Bit version 3.1.9, which includes fixes for known vulnerabilities. For more details, refer https://fluentbit.io/announcements/.
Changed
- Infrastructure agent recommends Fluent Bit 3.1.9 packages.
- Fluent Bit Output Plugin Docker image uses Fluent Bit 3.1.9.
- New Relic Logging Helm chart installs the new plugin image (newrelic-logging chart version 1.24.0).
Notes
To stay up to date with the most recent fixes and enhancements, subscribe to our Logs RSS feed.
Support for Fluent Bit 3.1.2
Users will now receive Fluent Bit version 3.1.2, which includes fixes for known vulnerabilities. For more details, refer https://fluentbit.io/announcements/.
Changed
- Infrastructure agent recommends Fluent Bit 3.1.2 packages.
- Fluent Bit Output Plugin Docker image uses Fluent Bit 3.1.2.
- New Relic Logging Helm chart installs the new plugin image.
Notes
To stay up to date with the most recent fixes and enhancements, subscribe to our Logs RSS feed.