New versions of the New Relic Logs integrations have been released with a fix for CVE-2024-4323. New Relic recommends you follow the procedures below to update the relevant logs integrations:
Integration | Action Required |
|---|---|
Linux Infrastructure Agent | Upgrade the Infrastructure Agent to version 1.52.3 or later, AND update Fluent Bit to version 3.0.4 or later |
Kubernetes Plugin | Upgrade using either newrelic-logging-1.22.0 or nri-bundle-5.0.80 |
Fluent Bit Output Plugin | Update to version 2.0.0 |
Changed
- Update Fluent Bit output plugin to version 1.22.0 as a fix for CVE-2024-4323, which impacted certain prior Fluent Bit versions contained in the Infra-agent log forwarder solution.
- Update nri-bundle to version 5.0.80 as fix for CVE-2024-4323, which impacted certain prior Fluent Bit versions contained in the Infra-agent log forwarder solution.
- Update Fluent Bit to version 3.0.4 as fix for CVE-2024-4323, which impacted certain prior Fluent Bit versions contained in the Infra-agent log forwarder solution.