Support for Fluent Bit 3.2.7
Users will now receive Fluent Bit version 3.2.7, which includes fixes for known vulnerabilities. For more details, refer https://fluentbit.io/announcements/.
Security
Previous versions of Fluent Bit in the 3.1 and 3.2 series are affected by two security vulnerabilities if customers use the OpenTelemetry input plugin or Prometheus Remote Write input. The identified vulnerabilities are: CVE-2024-50608, CVE-2024-50609.
By default, New Relic does not include these plugins in our distribution of the Fluent Bit packages in any of the instrumentation packages we provide. However, in order to support customers using these plugins and mitigate any potential impact, we recommend customers to upgrade to the latest available versions of these packages:
Hosts:
- Windows: Infrastructure Agent upgraded to v1.62.0 or later
- Linux: Infrastructure Agent upgraded to v1.62.0 or later
Kubernetes:
- newrelic-logging upgraded to v1.26.1
- nri-bundle upgraded to v5.0.115
Fluent Bit:
- New Relic Fluent Bit Output Docker Image upgraded to v2.3.0
Notes
To stay up to date with the most recent fixes and enhancements, subscribe to our Logs RSS feed.
Prise en charge de Fluent Bit 3.2.7
L'utilisateur recevra désormais la version 3.2.7 de Fluent Bit, qui inclut des correctifs pour les vulnérabilités connues. Pour plus de détails, consultez https://fluentbit.io/announcements/.
Sécurité
Les versions précédentes de Fluent Bit des séries 3.1 et 3.2 sont affectées par deux vulnérabilités de sécurité si les clients utilisent le plugin d'entrée OpenTelemetry ou l'entrée Prometheus Remote Write. Les vulnérabilités identifiées sont : CVE-2024-50608, CVE-2024-50609.
Par défaut, New Relic n'inclut pas ces plugins dans notre distribution du package Fluent Bit dans aucun des packages d'instrumentation que nous fournissons. Cependant, afin de soutenir les clients utilisant ces plugins et d'atténuer tout impact potentiel, nous recommandons aux clients de mettre à niveau vers les dernières versions disponibles de ces packages :
Hôtes :
- Windows : Agent d'infrastructure mis à niveau vers la version 1.62.0 ou ultérieure
- Linux : Agent d'infrastructure mis à niveau vers la version 1.62.0 ou ultérieure
Kubernetes :
- newrelic-logging mis à niveau vers la version 1.26.1
- nri-bundle mis à niveau vers la version 5.0.115
Fluent Bit:
- Image Docker de sortie New Relic Fluent Bit mise à niveau vers la version 2.3.0
Remarques
Pour rester au courant des correctifs et améliorations les plus récents, abonnez-vous à notre flux RSS de Logs.
Support for Fluent Bit 3.2.2
Users will now receive Fluent Bit version 3.2.2, which includes fixes for known vulnerabilities. For more details, refer https://fluentbit.io/announcements/.
Changed
- Infrastructure agent recommends Fluent Bit 3.2.2 packages.
- Fluent Bit Output Plugin Docker image uses Fluent Bit 3.2.2.
- New Relic Logging Helm chart installs the new plugin image (newrelic-logging chart version 1.25.1)
Notes
To stay up to date with the most recent fixes and enhancements, subscribe to our Logs RSS feed.
Support for Fluent Bit 3.1.9
Users will now receive Fluent Bit version 3.1.9, which includes fixes for known vulnerabilities. For more details, refer https://fluentbit.io/announcements/.
Changed
- Infrastructure agent recommends Fluent Bit 3.1.9 packages.
- Fluent Bit Output Plugin Docker image uses Fluent Bit 3.1.9.
- New Relic Logging Helm chart installs the new plugin image (newrelic-logging chart version 1.24.0).
Notes
To stay up to date with the most recent fixes and enhancements, subscribe to our Logs RSS feed.
Support for Fluent Bit 3.1.2
Users will now receive Fluent Bit version 3.1.2, which includes fixes for known vulnerabilities. For more details, refer https://fluentbit.io/announcements/.
Changed
- Infrastructure agent recommends Fluent Bit 3.1.2 packages.
- Fluent Bit Output Plugin Docker image uses Fluent Bit 3.1.2.
- New Relic Logging Helm chart installs the new plugin image.
Notes
To stay up to date with the most recent fixes and enhancements, subscribe to our Logs RSS feed.