Light

Release v. Next about logstash-output-opensearch HOT 5 CLOSED

mamccorm commented on August 16, 2024

Release v. Next

from logstash-output-opensearch.

Comments (5)

dblock commented on August 16, 2024 1

There was a discussion in this in #230, which says we're not planning to make any new docker releases (cc: @dlvenable). But we should talk about it again. Maybe someone can help add automation for it in opensearch-build?

from logstash-output-opensearch.

dblock commented on August 16, 2024

There wasn't really any substantive changes, weren't there? Are you looking for a specific fix that was made?

On this note we could use a CHANGELOG like https://github.com/opensearch-project/opensearch-py/blob/main/CHANGELOG.md, maybe you'd be interested in contributing one so we can see easily what is ready to be released?

from logstash-output-opensearch.

cbeaujoin-stellar commented on August 16, 2024

Hi, can you build a new docker image (https://hub.docker.com/r/opensearchproject/logstash-oss-with-opensearch-output-plugin) based on the latest LOGSTASH_VERSION (https://www.docker.elastic.co/r/logstash/logstash-oss).
Current version is LOGSTASH_VERSION=${LOGSTASH_VERSION:-8.3.2}.
And lot of current inputs plugins documentation is ahead.
IE for tcp input plugin lot of changes since logstash 8.3.2 wich run tcp input plugin 6.3.0.
You can't rely on the current documentation https://www.elastic.co/guide/en/logstash/current/plugins-inputs-tcp.html).

from logstash-output-opensearch.

mamccorm commented on August 16, 2024

Hey @dblock, there are currenrly 237 CVEs in the most recent image, which was last pushed 10 months ago:

Scanned for vulnerabilities     [237 vulnerability matches]
   ├── by severity: 3 critical, 25 high, 116 medium, 75 low, 9 negligible (9 unknown)
   └── by status:   147 fixed, 90 not-fixed, 0 ignored
NAME                INSTALLED                   FIXED-IN                    TYPE          VULNERABILITY        SEVERITY
amqp-client         5.16.0                      5.18.0                      java-archive  GHSA-mm8h-8587-p46h  Medium
avro                1.11.0                      1.11.3                      java-archive  GHSA-rhrv-645h-fjfh  High
bcpkix-jdk18on      1.71                        1.73                        java-archive  GHSA-wjxj-5m7g-mg7q  Medium
bcpkix-jdk18on      1.71                        1.78                        java-archive  GHSA-v435-xc8x-wvr9  Medium
bcpkix-jdk18on      1.71                        1.78                        java-archive  GHSA-m44j-cfrm-g8qc  Medium
bcpkix-jdk18on      1.71                        1.78                        java-archive  GHSA-8xfc-gm6g-vgpv  Medium
bcprov-jdk18on      1.71                        1.73                        java-archive  GHSA-wjxj-5m7g-mg7q  Medium
bcprov-jdk18on      1.71                        1.78                        java-archive  GHSA-v435-xc8x-wvr9  Medium
bcprov-jdk18on      1.71                        1.78                        java-archive  GHSA-m44j-cfrm-g8qc  Medium
bcprov-jdk18on      1.71                        1.74                        java-archive  GHSA-hr8g-6v94-x4m9  Medium
bcprov-jdk18on      1.71                        1.78                        java-archive  GHSA-8xfc-gm6g-vgpv  Medium
bcprov-jdk18on      1.71                        1.78                        java-archive  GHSA-4h8f-2wvx-gg5w  Low
bctls-jdk18on       1.71                        1.78                        java-archive  GHSA-v435-xc8x-wvr9  Medium
bctls-jdk18on       1.71                        1.78                        java-archive  GHSA-m44j-cfrm-g8qc  Medium
bctls-jdk18on       1.71                        1.78                        java-archive  GHSA-8xfc-gm6g-vgpv  Medium
bsdutils            1:2.34-0.1ubuntu9.4         2.34-0.1ubuntu9.5           deb           CVE-2024-28085       Medium
commons-io          2.2                         2.7                         java-archive  GHSA-gwrp-pvrq-jmwv  Medium
coreutils           8.30-3ubuntu2                                           deb           CVE-2016-2781        Low
curl                7.68.0-1ubuntu2.18          7.68.0-1ubuntu2.22          deb           CVE-2024-2398        Medium
curl                7.68.0-1ubuntu2.18          7.68.0-1ubuntu2.21          deb           CVE-2023-46218       Medium
curl                7.68.0-1ubuntu2.18          7.68.0-1ubuntu2.20          deb           CVE-2023-38546       Low
curl                7.68.0-1ubuntu2.18          7.68.0-1ubuntu2.19          deb           CVE-2023-28322       Low
curl                7.68.0-1ubuntu2.18          7.68.0-1ubuntu2.19          deb           CVE-2023-28321       Low
fdisk               2.34-0.1ubuntu9.4           2.34-0.1ubuntu9.5           deb           CVE-2024-28085       Medium
gpgv                2.2.19-3ubuntu2.2                                       deb           CVE-2022-3219        Low
guava               18.0                        24.1.1-android              java-archive  GHSA-mvr2-9pj6-7w5j  Medium
guava               18.0                        32.0.0-android              java-archive  GHSA-7g45-4rm6-3mm3  Medium
guava               18.0                        32.0.0-android              java-archive  GHSA-5mg8-w23w-74h3  Low
guava               31.1-jre                    32.0.0-android              java-archive  GHSA-7g45-4rm6-3mm3  Medium
guava               31.1-jre                    32.0.0-android              java-archive  GHSA-5mg8-w23w-74h3  Low
httpclient          4.3.5                       4.3.6                       java-archive  GHSA-fmj5-wv96-r2ch  Medium
httpclient          4.3.5                       4.5.13                      java-archive  GHSA-7r82-7xv7-xcpj  Medium
java/jdk            17.0.7+7                                                binary        CVE-2024-20952       High
java/jdk            17.0.7+7                                                binary        CVE-2024-20932       High
java/jdk            17.0.7+7                                                binary        CVE-2024-20918       High
java/jdk            17.0.7+7                                                binary        CVE-2023-25193       High
java/jdk            17.0.7+7                                                binary        CVE-2024-20945       Medium
java/jdk            17.0.7+7                                                binary        CVE-2024-20921       Medium
java/jdk            17.0.7+7                                                binary        CVE-2024-20919       Medium
java/jdk            17.0.7+7                                                binary        CVE-2024-21094       Low
java/jdk            17.0.7+7                                                binary        CVE-2024-21068       Low
java/jdk            17.0.7+7                                                binary        CVE-2024-21012       Low
java/jdk            17.0.7+7                                                binary        CVE-2024-21011       Low
java/jdk            17.0.7+7                                                binary        CVE-2023-22049       Low
java/jdk            17.0.7+7                                                binary        CVE-2023-22045       Low
java/jdk            17.0.7+7                                                binary        CVE-2023-22044       Low
java/jdk            17.0.7+7                                                binary        CVE-2023-22036       Low
java/jdk            17.0.7+7                                                binary        CVE-2023-22006       Low
java/jre            17.0.7+7                                                binary        CVE-2024-20952       High
java/jre            17.0.7+7                                                binary        CVE-2024-20932       High
java/jre            17.0.7+7                                                binary        CVE-2024-20918       High
java/jre            17.0.7+7                                                binary        CVE-2023-25193       High
java/jre            17.0.7+7                                                binary        CVE-2024-20945       Medium
java/jre            17.0.7+7                                                binary        CVE-2024-20921       Medium
java/jre            17.0.7+7                                                binary        CVE-2024-20919       Medium
java/jre            17.0.7+7                                                binary        CVE-2023-22041       Medium
java/jre            17.0.7+7                                                binary        CVE-2024-21094       Low
java/jre            17.0.7+7                                                binary        CVE-2024-21068       Low
java/jre            17.0.7+7                                                binary        CVE-2024-21012       Low
java/jre            17.0.7+7                                                binary        CVE-2024-21011       Low
jersey-common       2.33                        2.34                        java-archive  GHSA-c43q-5hpj-4crv  Medium
jsoup               1.7.2                       1.14.2                      java-archive  GHSA-m72m-mhq2-9p6c  High
jsoup               1.7.2                       1.15.3                      java-archive  GHSA-gp7f-rwcx-9369  Medium
jsoup               1.7.2                       1.8.3                       java-archive  GHSA-48rh-qgjr-xfj6  Medium
krb5-locales        1.17-6ubuntu4.3                                         deb           CVE-2024-26462       Medium
krb5-locales        1.17-6ubuntu4.3             1.17-6ubuntu4.4             deb           CVE-2023-36054       Medium
krb5-locales        1.17-6ubuntu4.3                                         deb           CVE-2024-26461       Low
krb5-locales        1.17-6ubuntu4.3                                         deb           CVE-2024-26458       Negligible
libblkid1           2.34-0.1ubuntu9.4           2.34-0.1ubuntu9.5           deb           CVE-2024-28085       Medium
libc-bin            2.31-0ubuntu9.9             2.31-0ubuntu9.16            deb           CVE-2024-33602       Medium
libc-bin            2.31-0ubuntu9.9             2.31-0ubuntu9.16            deb           CVE-2024-33601       Medium
libc-bin            2.31-0ubuntu9.9             2.31-0ubuntu9.16            deb           CVE-2024-33600       Medium
libc-bin            2.31-0ubuntu9.9             2.31-0ubuntu9.16            deb           CVE-2024-33599       Medium
libc-bin            2.31-0ubuntu9.9             2.31-0ubuntu9.15            deb           CVE-2024-2961        Medium
libc-bin            2.31-0ubuntu9.9             2.31-0ubuntu9.14            deb           CVE-2023-4813        Low
libc-bin            2.31-0ubuntu9.9             2.31-0ubuntu9.14            deb           CVE-2023-4806        Low
libc-bin            2.31-0ubuntu9.9                                         deb           CVE-2016-20013       Negligible
libc6               2.31-0ubuntu9.9             2.31-0ubuntu9.16            deb           CVE-2024-33602       Medium
libc6               2.31-0ubuntu9.9             2.31-0ubuntu9.16            deb           CVE-2024-33601       Medium
libc6               2.31-0ubuntu9.9             2.31-0ubuntu9.16            deb           CVE-2024-33600       Medium
libc6               2.31-0ubuntu9.9             2.31-0ubuntu9.16            deb           CVE-2024-33599       Medium
libc6               2.31-0ubuntu9.9             2.31-0ubuntu9.15            deb           CVE-2024-2961        Medium
libc6               2.31-0ubuntu9.9             2.31-0ubuntu9.14            deb           CVE-2023-4813        Low
libc6               2.31-0ubuntu9.9             2.31-0ubuntu9.14            deb           CVE-2023-4806        Low
libc6               2.31-0ubuntu9.9                                         deb           CVE-2016-20013       Negligible
libcurl4            7.68.0-1ubuntu2.18          7.68.0-1ubuntu2.22          deb           CVE-2024-2398        Medium
libcurl4            7.68.0-1ubuntu2.18          7.68.0-1ubuntu2.21          deb           CVE-2023-46218       Medium
libcurl4            7.68.0-1ubuntu2.18          7.68.0-1ubuntu2.20          deb           CVE-2023-38546       Low
libcurl4            7.68.0-1ubuntu2.18          7.68.0-1ubuntu2.19          deb           CVE-2023-28322       Low
libcurl4            7.68.0-1ubuntu2.18          7.68.0-1ubuntu2.19          deb           CVE-2023-28321       Low
libfdisk1           2.34-0.1ubuntu9.4           2.34-0.1ubuntu9.5           deb           CVE-2024-28085       Medium
libgcrypt20         1.8.5-5ubuntu1.1                                        deb           CVE-2024-2236        Medium
libgnutls30         3.6.13-2ubuntu1.8           3.6.13-2ubuntu1.11          deb           CVE-2024-28834       Medium
libgnutls30         3.6.13-2ubuntu1.8           3.6.13-2ubuntu1.10          deb           CVE-2024-0553        Medium
libgnutls30         3.6.13-2ubuntu1.8           3.6.13-2ubuntu1.9           deb           CVE-2023-5981        Medium
libgssapi-krb5-2    1.17-6ubuntu4.3                                         deb           CVE-2024-26462       Medium
libgssapi-krb5-2    1.17-6ubuntu4.3             1.17-6ubuntu4.4             deb           CVE-2023-36054       Medium
libgssapi-krb5-2    1.17-6ubuntu4.3                                         deb           CVE-2024-26461       Low
libgssapi-krb5-2    1.17-6ubuntu4.3                                         deb           CVE-2024-26458       Negligible
libk5crypto3        1.17-6ubuntu4.3                                         deb           CVE-2024-26462       Medium
libk5crypto3        1.17-6ubuntu4.3             1.17-6ubuntu4.4             deb           CVE-2023-36054       Medium
libk5crypto3        1.17-6ubuntu4.3                                         deb           CVE-2024-26461       Low
libk5crypto3        1.17-6ubuntu4.3                                         deb           CVE-2024-26458       Negligible
libkrb5-3           1.17-6ubuntu4.3                                         deb           CVE-2024-26462       Medium
libkrb5-3           1.17-6ubuntu4.3             1.17-6ubuntu4.4             deb           CVE-2023-36054       Medium
libkrb5-3           1.17-6ubuntu4.3                                         deb           CVE-2024-26461       Low
libkrb5-3           1.17-6ubuntu4.3                                         deb           CVE-2024-26458       Negligible
libkrb5support0     1.17-6ubuntu4.3                                         deb           CVE-2024-26462       Medium
libkrb5support0     1.17-6ubuntu4.3             1.17-6ubuntu4.4             deb           CVE-2023-36054       Medium
libkrb5support0     1.17-6ubuntu4.3                                         deb           CVE-2024-26461       Low
libkrb5support0     1.17-6ubuntu4.3                                         deb           CVE-2024-26458       Negligible
libldap-2.4-2       2.4.49+dfsg-2ubuntu1.9      2.4.49+dfsg-2ubuntu1.10     deb           CVE-2023-2953        Low
libldap-common      2.4.49+dfsg-2ubuntu1.9      2.4.49+dfsg-2ubuntu1.10     deb           CVE-2023-2953        Low
liblzma5            5.2.4-1ubuntu1.1                                        deb           CVE-2020-22916       Medium
libmount1           2.34-0.1ubuntu9.4           2.34-0.1ubuntu9.5           deb           CVE-2024-28085       Medium
libncurses6         6.2-0ubuntu2.1                                          deb           CVE-2023-50495       Low
libncurses6         6.2-0ubuntu2.1                                          deb           CVE-2023-45918       Low
libncursesw6        6.2-0ubuntu2.1                                          deb           CVE-2023-50495       Low
libncursesw6        6.2-0ubuntu2.1                                          deb           CVE-2023-45918       Low
libnghttp2-14       1.40.0-1ubuntu0.1           1.40.0-1ubuntu0.3           deb           CVE-2024-28182       Medium
libnghttp2-14       1.40.0-1ubuntu0.1           1.40.0-1ubuntu0.2           deb           CVE-2023-44487       Medium
libpam-modules      1.3.1-5ubuntu4.6            1.3.1-5ubuntu4.7            deb           CVE-2024-22365       Medium
libpam-modules-bin  1.3.1-5ubuntu4.6            1.3.1-5ubuntu4.7            deb           CVE-2024-22365       Medium
libpam-runtime      1.3.1-5ubuntu4.6            1.3.1-5ubuntu4.7            deb           CVE-2024-22365       Medium
libpam0g            1.3.1-5ubuntu4.6            1.3.1-5ubuntu4.7            deb           CVE-2024-22365       Medium
libpcre3            2:8.39-12ubuntu0.1                                      deb           CVE-2017-11164       Negligible
libprocps8          2:3.3.16-1ubuntu2.3         2:3.3.16-1ubuntu2.4         deb           CVE-2023-4016        Low
libsmartcols1       2.34-0.1ubuntu9.4           2.34-0.1ubuntu9.5           deb           CVE-2024-28085       Medium
libsqlite3-0        3.31.1-4ubuntu0.5           3.31.1-4ubuntu0.6           deb           CVE-2023-7104        Medium
libssh-4            0.9.3-2ubuntu2.3            0.9.3-2ubuntu2.5            deb           CVE-2023-6918        Medium
libssh-4            0.9.3-2ubuntu2.3            0.9.3-2ubuntu2.5            deb           CVE-2023-6004        Medium
libssh-4            0.9.3-2ubuntu2.3            0.9.3-2ubuntu2.4            deb           CVE-2023-48795       Medium
libssl1.1           1.1.1f-1ubuntu2.19                                      deb           CVE-2024-4741        Low
libssl1.1           1.1.1f-1ubuntu2.19                                      deb           CVE-2024-2511        Low
libssl1.1           1.1.1f-1ubuntu2.19          1.1.1f-1ubuntu2.21          deb           CVE-2024-0727        Low
libssl1.1           1.1.1f-1ubuntu2.19          1.1.1f-1ubuntu2.21          deb           CVE-2023-5678        Low
libssl1.1           1.1.1f-1ubuntu2.19          1.1.1f-1ubuntu2.20          deb           CVE-2023-3817        Low
libssl1.1           1.1.1f-1ubuntu2.19          1.1.1f-1ubuntu2.20          deb           CVE-2023-3446        Low
libsystemd0         245.4-4ubuntu3.22                                       deb           CVE-2023-7008        Low
libsystemd0         245.4-4ubuntu3.22                                       deb           CVE-2023-26604       Low
libtinfo6           6.2-0ubuntu2.1                                          deb           CVE-2023-50495       Low
libtinfo6           6.2-0ubuntu2.1                                          deb           CVE-2023-45918       Low
libudev1            245.4-4ubuntu3.22                                       deb           CVE-2023-7008        Low
libudev1            245.4-4ubuntu3.22                                       deb           CVE-2023-26604       Low
libuuid1            2.34-0.1ubuntu9.4           2.34-0.1ubuntu9.5           deb           CVE-2024-28085       Medium
locales             2.31-0ubuntu9.9             2.31-0ubuntu9.16            deb           CVE-2024-33602       Medium
locales             2.31-0ubuntu9.9             2.31-0ubuntu9.16            deb           CVE-2024-33601       Medium
locales             2.31-0ubuntu9.9             2.31-0ubuntu9.16            deb           CVE-2024-33600       Medium
locales             2.31-0ubuntu9.9             2.31-0ubuntu9.16            deb           CVE-2024-33599       Medium
locales             2.31-0ubuntu9.9             2.31-0ubuntu9.15            deb           CVE-2024-2961        Medium
locales             2.31-0ubuntu9.9             2.31-0ubuntu9.14            deb           CVE-2023-4813        Low
locales             2.31-0ubuntu9.9             2.31-0ubuntu9.14            deb           CVE-2023-4806        Low
locales             2.31-0ubuntu9.9                                         deb           CVE-2016-20013       Negligible
login               1:4.8.1-1ubuntu5.20.04.4    1:4.8.1-1ubuntu5.20.04.5    deb           CVE-2023-4641        Low
login               1:4.8.1-1ubuntu5.20.04.4                                deb           CVE-2023-29383       Low
login               1:4.8.1-1ubuntu5.20.04.4                                deb           CVE-2013-4235        Low
maven-compat        3.3.9                       3.8.1                       java-archive  GHSA-2f88-5hg8-9x2x  Critical
maven-core          3.3.9                       3.8.1                       java-archive  GHSA-2f88-5hg8-9x2x  Critical
mount               2.34-0.1ubuntu9.4           2.34-0.1ubuntu9.5           deb           CVE-2024-28085       Medium
ncurses-base        6.2-0ubuntu2.1                                          deb           CVE-2023-50495       Low
ncurses-base        6.2-0ubuntu2.1                                          deb           CVE-2023-45918       Low
ncurses-bin         6.2-0ubuntu2.1                                          deb           CVE-2023-50495       Low
ncurses-bin         6.2-0ubuntu2.1                                          deb           CVE-2023-45918       Low
netty-codec-http    4.1.94.Final                4.1.108.Final               java-archive  GHSA-5jpm-x58v-624v  Medium
nokogiri            1.13.10                     1.15.6                      gem           GHSA-xc9x-jj77-9p9j  Medium
nokogiri            1.13.10                     1.15.6                      gem           GHSA-vcc3-rw6f-jv97  Medium
nokogiri            1.13.10                     1.14.3                      gem           GHSA-pxvg-2qj5-37jq  Medium
nokogiri            1.13.10                     1.16.5                      gem           GHSA-r95h-9x8f-r3f7  Low
openssl             1.1.1f-1ubuntu2.19                                      deb           CVE-2024-4741        Low
openssl             1.1.1f-1ubuntu2.19                                      deb           CVE-2024-2511        Low
openssl             1.1.1f-1ubuntu2.19          1.1.1f-1ubuntu2.21          deb           CVE-2024-0727        Low
openssl             1.1.1f-1ubuntu2.19          1.1.1f-1ubuntu2.21          deb           CVE-2023-5678        Low
openssl             1.1.1f-1ubuntu2.19          1.1.1f-1ubuntu2.20          deb           CVE-2023-3817        Low
openssl             1.1.1f-1ubuntu2.19          1.1.1f-1ubuntu2.20          deb           CVE-2023-3446        Low
passwd              1:4.8.1-1ubuntu5.20.04.4    1:4.8.1-1ubuntu5.20.04.5    deb           CVE-2023-4641        Low
passwd              1:4.8.1-1ubuntu5.20.04.4                                deb           CVE-2023-29383       Low
passwd              1:4.8.1-1ubuntu5.20.04.4                                deb           CVE-2013-4235        Low
perl-base           5.30.0-9ubuntu0.4           5.30.0-9ubuntu0.5           deb           CVE-2023-47038       Medium
plexus-utils        3.0.22                      3.0.24                      java-archive  GHSA-g6ph-x5wf-g337  High
plexus-utils        3.0.22                      3.0.24                      java-archive  GHSA-jcwr-x25h-x5fh  Medium
procps              2:3.3.16-1ubuntu2.3         2:3.3.16-1ubuntu2.4         deb           CVE-2023-4016        Low
puma                5.6.6                       5.6.7                       gem           GHSA-68xg-gqqm-vgj8  Critical
puma                5.6.6                       5.6.8                       gem           GHSA-c2f4-cvqm-65w2  Medium
rack                2.2.7                       2.2.8.1                     gem           GHSA-22f2-v57c-j9cx  Medium
rack                2.2.7                       2.2.8.1                     gem           GHSA-xj5v-6v4g-jfw6  Low
rack                2.2.7                       2.2.8.1                     gem           GHSA-54rr-7fvw-6x8f  Low
rdoc                6.3.3                       6.3.4.1                     gem           GHSA-592j-995h-p23j  High
rexml               3.2.5                       3.2.7                       gem           GHSA-vg3r-rm7w-2xgh  Medium
snakeyaml           1.33                        2.0                         java-archive  GHSA-mjmj-j48q-9wg2  High
snappy-java         1.1.0.1                     1.1.10.1                    java-archive  GHSA-qcwq-55hx-v3vh  High
snappy-java         1.1.0.1                     1.1.10.4                    java-archive  GHSA-55g7-9cwv-5qfv  High
snappy-java         1.1.0.1                     1.1.10.1                    java-archive  GHSA-pqr6-cmr2-h8hf  Medium
snappy-java         1.1.0.1                     1.1.10.1                    java-archive  GHSA-fjpj-2g6w-x25r  Medium
snappy-java         1.1.8.4                     1.1.10.1                    java-archive  GHSA-qcwq-55hx-v3vh  High
snappy-java         1.1.8.4                     1.1.10.4                    java-archive  GHSA-55g7-9cwv-5qfv  High
snappy-java         1.1.8.4                     1.1.10.1                    java-archive  GHSA-pqr6-cmr2-h8hf  Medium
snappy-java         1.1.8.4                     1.1.10.1                    java-archive  GHSA-fjpj-2g6w-x25r  Medium
stdlib              go1.20.6                                                go-module     CVE-2023-45285       High
stdlib              go1.20.6                                                go-module     CVE-2023-44487       High
stdlib              go1.20.6                                                go-module     CVE-2023-39325       High
stdlib              go1.20.6                                                go-module     CVE-2023-39323       High
stdlib              go1.20.6                                                go-module     CVE-2023-39326       Medium
stdlib              go1.20.6                                                go-module     CVE-2023-39319       Medium
stdlib              go1.20.6                                                go-module     CVE-2023-39318       Medium
stdlib              go1.20.6                                                go-module     CVE-2023-29409       Medium
stdlib              go1.20.6                                                go-module     CVE-2024-24790       Unknown
stdlib              go1.20.6                                                go-module     CVE-2024-24789       Unknown
stdlib              go1.20.6                                                go-module     CVE-2024-24787       Unknown
stdlib              go1.20.6                                                go-module     CVE-2024-24785       Unknown
stdlib              go1.20.6                                                go-module     CVE-2024-24784       Unknown
stdlib              go1.20.6                                                go-module     CVE-2024-24783       Unknown
stdlib              go1.20.6                                                go-module     CVE-2023-45290       Unknown
stdlib              go1.20.6                                                go-module     CVE-2023-45289       Unknown
stdlib              go1.20.6                                                go-module     CVE-2023-45288       Unknown
tar                 1.30+dfsg-7ubuntu0.20.04.3  1.30+dfsg-7ubuntu0.20.04.4  deb           CVE-2023-39804       Medium
util-linux          2.34-0.1ubuntu9.4           2.34-0.1ubuntu9.5           deb           CVE-2024-28085       Medium
xalan               2.7.2                       2.7.3                       java-archive  GHSA-9339-86wc-4qgf  High
A newer version of grype is available for download: 0.78.0 (installed version is 0.77.4)

A lot of these look like they'd be remediated by rebuilding the image. Given there has been some activity in the repo as well as a long time since the last release / build cut, it'd be great to cut for that reason, or periodically re-trigger a re-build of the image

from logstash-output-opensearch.

dblock commented on August 16, 2024

Closing in favor of #230.

from logstash-output-opensearch.

Related Issues (20)

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.