oss-sec mailing list archives
Re: 5 CVE's fixed in Fluent Bit
From: Christian Brabandt <cb () 256bit org>
Date: Mon, 1 Dec 2025 21:15:40 +0100
On Mi, 26 Nov 2025, Alan Coopersmith wrote:
https://fluentbit.io/blog/2025/10/28/security-vulnerabilities-addressed-in-fluent-bit-v4.1-and-backported-to-v4.0/ provides their analysis and information about fixes in versions 4.2, 4.1.1, and 4.0.14, which are available from https://github.com/fluent/fluent-bit .
That blog post would hugely benefit from the actual CVE numbers and not
just CWE ids.
For the record, there is a typo in the above blog post. The backported
fixed version is v4.0.13
Thanks,
Christian
--
Das wird sicher ein Spaß
-- Star Treck, Der erste Kontakt,
Current thread:
- 5 CVE's fixed in Fluent Bit Alan Coopersmith (Nov 26)
- Re: 5 CVE's fixed in Fluent Bit Christian Brabandt (Dec 01)
- Re: 5 CVE's fixed in Fluent Bit Christian Fischer (Dec 02)
- Re: 5 CVE's fixed in Fluent Bit Christian Brabandt (Dec 02)
- Re: 5 CVE's fixed in Fluent Bit Christian Fischer (Dec 03)
- Re: 5 CVE's fixed in Fluent Bit Christian Fischer (Dec 02)
- Re: 5 CVE's fixed in Fluent Bit Christian Brabandt (Dec 01)