[AUTOPATCHER-CORE] Upgrade fluent-bit to 2.2.3 to fix CVE-2024-4323 (#…

…9231)
microsoft · May 28, 2024 · bfcfb89 · bfcfb89
1 parent 84f8102
commit bfcfb89
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 4 deletions.
diff --git a/SPECS/fluent-bit/fluent-bit.signatures.json b/SPECS/fluent-bit/fluent-bit.signatures.json
@@ -1,5 +1,5 @@
 {
   "Signatures": {
-    "fluent-bit-2.2.2.tar.gz": "8e7e951b2907e9d29508699c71c8949a4a22d750d54ffa5ee5b96537e59371dd"
+    "fluent-bit-2.2.3.tar.gz": "006ed94d34e4036fb7fb5a02016ccf3a55d7f5ccdefd5df756d1ba2206cfc55d"
   }
 }
diff --git a/SPECS/fluent-bit/fluent-bit.spec b/SPECS/fluent-bit/fluent-bit.spec
@@ -1,6 +1,6 @@
 Summary:        Fast and Lightweight Log processor and forwarder for Linux, BSD and OSX
 Name:           fluent-bit
-Version:        2.2.2
+Version:        2.2.3
 Release:        1%{?dist}
 License:        Apache-2.0
 Vendor:         Microsoft Corporation
@@ -80,6 +80,9 @@ Development files for %{name}
 %{_libdir}/fluent-bit/*.so
 
 %changelog
+* Tue May 28 2024 CBL-Mariner Servicing Account <cblmargh@microsoft.com> - 2.2.3-1
+- Auto-upgrade to 2.2.3 - CVE-2024-4323
+
 * Wed Apr 03 2024 CBL-Mariner Servicing Account <cblmargh@microsoft.com> - 2.2.2-1
 - Auto-upgrade to 2.2.2 - CVE-2024-23722
 

diff --git a/cgmanifest.json b/cgmanifest.json
@@ -3688,8 +3688,8 @@
         "type": "other",
         "other": {
           "name": "fluent-bit",
-          "version": "2.2.2",
-          "downloadUrl": "https://github.com/fluent/fluent-bit/archive/refs/tags/v2.2.2.tar.gz"
+          "version": "2.2.3",
+          "downloadUrl": "https://github.com/fluent/fluent-bit/archive/refs/tags/v2.2.3.tar.gz"
         }
       }
     },