From 42fa1179f330ecfc70ed5147d5166a04177a61bd Mon Sep 17 00:00:00 2001 From: Clay Cheng Date: Wed, 5 Apr 2023 21:33:35 +0000 Subject: [PATCH 1/2] 2.31.8 CVE patch release Signed-off-by: Clay Cheng --- AWS_FOR_FLUENT_BIT_VERSION | 2 +- CHANGELOG.md | 13 +++++++++++++ linux.version | 2 +- windows.versions | 14 +++++++++++++- 4 files changed, 28 insertions(+), 3 deletions(-) diff --git a/AWS_FOR_FLUENT_BIT_VERSION b/AWS_FOR_FLUENT_BIT_VERSION index 660d942e0..b1af3c7a7 100644 --- a/AWS_FOR_FLUENT_BIT_VERSION +++ b/AWS_FOR_FLUENT_BIT_VERSION @@ -1 +1 @@ -2.31.7 \ No newline at end of file +2.31.8 \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index a25d519da..c3fadc95d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,19 @@ * Enhancement - Add clear info message when chunks are removed because `storage.total_limit_size` is reached [fluent-bit:6719](https://github.com/fluent/fluent-bit/pull/6719) +### 2.31.8 +This release includes: +* Fluent Bit [1.9.10](https://fluentbit.io/announcements/v1.9.10/) +* Amazon CloudWatch Logs for Fluent Bit 1.9.3 +* Amazon Kinesis Streams for Fluent Bit 1.10.2 +* Amazon Kinesis Firehose for Fluent Bit 1.7.2 + +Compared to `2.31.7` this release adds: +* New images - Added debug images to [Amazon ECR Public Gallery](https://gallery.ecr.aws/aws-observability/aws-for-fluent-bit), [Docker Hub](https://hub.docker.com/r/amazon/aws-for-fluent-bit) and Amazon ECR. For debug images, we update the `debug-latest` tag and add a tag as `debug-`. + +*This release is a **CVE patch release for [2.31.7](https://github.com/aws/aws-for-fluent-bit/releases/tag/v2.31.7)**. It contains the same contents but re-built to uptake the most recent Amazon Linux packages with patches.* + + ### 2.28.5 This release includes: * Fluent Bit [1.9.9](https://fluentbit.io/announcements/v1.9.9/) diff --git a/linux.version b/linux.version index 9076579fb..d05070d28 100644 --- a/linux.version +++ b/linux.version @@ -1,6 +1,6 @@ { "linux": { - "version": "2.31.7", + "version": "2.31.8", "latest": "true", "build": "1", "fluent-bit": "1.9.10", diff --git a/windows.versions b/windows.versions index cb56b2117..683987ce6 100644 --- a/windows.versions +++ b/windows.versions @@ -1,5 +1,17 @@ { "windows": [ + { + "version": "2.31.8", + "build": "1", + "fluent-bit": "1.9.10", + "kinesis-plugin": "v1.10.2", + "firehose-plugin": "v1.7.2", + "cloudwatch-plugin": "v1.9.3", + "openssl": "3.0.7", + "flexBison": "2.5.22", + "latest": true, + "stable": false + }, { "version": "2.31.7", "build": "1", @@ -9,7 +21,7 @@ "cloudwatch-plugin": "v1.9.2", "openssl": "3.0.7", "flexBison": "2.5.22", - "latest": true, + "latest": false, "stable": false }, { From 760bfed37ebc1e3ed0fe7c03a36e0a2c774c0656 Mon Sep 17 00:00:00 2001 From: Clay Cheng Date: Thu, 6 Apr 2023 20:44:12 +0000 Subject: [PATCH 2/2] Revert "init: fix S3 ARN parsing #617" This reverts commit 35f563bda396efda1d7b2b0cd3460c17e784bdff. --- init/fluent_bit_init_process.go | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/init/fluent_bit_init_process.go b/init/fluent_bit_init_process.go index b65161d41..afff69863 100644 --- a/init/fluent_bit_init_process.go +++ b/init/fluent_bit_init_process.go @@ -195,20 +195,17 @@ func processConfigFile(path string) { } } -func getS3ConfigFile(userInput string) string { +func getS3ConfigFile(arn string) string { // Preparation for downloading S3 config files if !s3ClientCreated { createS3Client() } // e.g. "arn:aws:s3:::user-bucket/s3_parser.conf" - s3ARN, err := arn.Parse(userInput) - if err != nil { - logrus.Fatalf("[FluentBit Init Process] Could not parse arn: %s\n", userInput) - } - bucketAndFile := strings.SplitN(s3ARN.Resource, "/", 2) + arnBucketFile := arn[13:] + bucketAndFile := strings.SplitN(arnBucketFile, "/", 2) if len(bucketAndFile) != 2 { - logrus.Fatalf("[FluentBit Init Process] Could not parse arn: %s\n", userInput) + logrus.Fatalf("[FluentBit Init Process] Unrecognizable arn: %s\n", arn) } bucketName := bucketAndFile[0]