Support for Fluent Bit 3.2.7
Users will now receive Fluent Bit version 3.2.7, which includes fixes for known vulnerabilities. For more details, refer https://fluentbit.io/announcements/.
Security
Previous versions of Fluent Bit in the 3.1 and 3.2 series are affected by two security vulnerabilities if customers use the OpenTelemetry input plugin or Prometheus Remote Write input. The identified vulnerabilities are: CVE-2024-50608, CVE-2024-50609.
By default, New Relic does not include these plugins in our distribution of the Fluent Bit packages in any of the instrumentation packages we provide. However, in order to support customers using these plugins and mitigate any potential impact, we recommend customers to upgrade to the latest available versions of these packages:
Hosts:
- Windows: Infrastructure Agent upgraded to v1.62.0 or later
- Linux: Infrastructure Agent upgraded to v1.62.0 or later
Kubernetes:
- newrelic-logging upgraded to v1.26.1
- nri-bundle upgraded to v5.0.115
Fluent Bit:
- New Relic Fluent Bit Output Docker Image upgraded to v2.3.0
Notes
To stay up to date with the most recent fixes and enhancements, subscribe to our Logs RSS feed.
Compatibilidad con Fluent Bit 3.2.7
El usuario ahora recibirá la versión 3.2.7 Fluent Bit , que incluye correcciones para vulnerabilidades conocidas. Para obtener más detalles, consulte https:\/\/fluentbit.io\/announcements\/.
Seguridad
Las versiones anteriores de Fluent Bit en los seriales 3.1 y 3.2 se ven afectadas por dos vulnerabilidades de seguridad si los clientes emplean el complemento de entrada OpenTelemetry o la entrada Prometheus Remote Write. Las vulnerabilidades identificadas son: CVE-2024-50608, CVE-2024-50609.
De forma predeterminada, New Relic no incluye estos complementos en nuestra distribución de los paquetes de Fluent Bit en ninguno de los paquetes de instrumentación que ofrecemos. Sin embargo, para brindar soporte a los clientes que emplean estos complementos y mitigar cualquier impacto potencial, recomendamos a los clientes que actualicen a las últimas versiones disponibles de estos paquetes:
Anfitriones:
- Windows: agente de infraestructura actualizado a v1.62.0 o posterior
- Linux: agente de infraestructura actualizado a v1.62.0 o posterior
Kubernetes:
- newrelic-logging actualizado a v1.26.1
- nri-bundle actualizado a v5.0.115
Fluent Bit:
- New Relic Fluent Bit La Docker imagen de salida se actualizó a la versión 2.3.0
Notas
Para mantener actualizado con las más recientes correcciones y mejoras, suscribir a nuestra fuente RSS de Logs.
Support for Fluent Bit 3.2.2
Users will now receive Fluent Bit version 3.2.2, which includes fixes for known vulnerabilities. For more details, refer https://fluentbit.io/announcements/.
Changed
- Infrastructure agent recommends Fluent Bit 3.2.2 packages.
- Fluent Bit Output Plugin Docker image uses Fluent Bit 3.2.2.
- New Relic Logging Helm chart installs the new plugin image (newrelic-logging chart version 1.25.1)
Notes
To stay up to date with the most recent fixes and enhancements, subscribe to our Logs RSS feed.
Support for Fluent Bit 3.1.9
Users will now receive Fluent Bit version 3.1.9, which includes fixes for known vulnerabilities. For more details, refer https://fluentbit.io/announcements/.
Changed
- Infrastructure agent recommends Fluent Bit 3.1.9 packages.
- Fluent Bit Output Plugin Docker image uses Fluent Bit 3.1.9.
- New Relic Logging Helm chart installs the new plugin image (newrelic-logging chart version 1.24.0).
Notes
To stay up to date with the most recent fixes and enhancements, subscribe to our Logs RSS feed.
Support for Fluent Bit 3.1.2
Users will now receive Fluent Bit version 3.1.2, which includes fixes for known vulnerabilities. For more details, refer https://fluentbit.io/announcements/.
Changed
- Infrastructure agent recommends Fluent Bit 3.1.2 packages.
- Fluent Bit Output Plugin Docker image uses Fluent Bit 3.1.2.
- New Relic Logging Helm chart installs the new plugin image.
Notes
To stay up to date with the most recent fixes and enhancements, subscribe to our Logs RSS feed.