Skip to content

JOBS-2475: Bump fluentd sidecar image to 4.20 (Echo secure base)#75

Closed
hramisetty wants to merge 1 commit into
masterfrom
feature/JOBS-2475-cve-echo-migration
Closed

JOBS-2475: Bump fluentd sidecar image to 4.20 (Echo secure base)#75
hramisetty wants to merge 1 commit into
masterfrom
feature/JOBS-2475-cve-echo-migration

Conversation

@hramisetty

@hramisetty hramisetty commented Jun 10, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • Bumps Helm sidecar image tag from 4.19 to 4.20 across all values files (artifactory, xray, jfrog-platform)
  • The new fluentd:4.20 image is built on Echo secure base (reg.echohq.com/fluentd:1.19.2, Debian 13 Trixie)
  • Remediates Critical/High CVEs in the fluentd:4.19 image: CVE-2026-31789 (OpenSSL), CVE-2026-33845, CVE-2026-42010 (libgnutls30)

Tracked by: JOBS-2475, INTG-825
Testing Done:
prom-app-disk-free-table
prom-targets-up

- Remediates Critical/High CVEs: CVE-2026-31789, CVE-2026-33845, CVE-2026-42010
- Bump Helm sidecar image tag from 4.19 to 4.20
@hramisetty

Copy link
Copy Markdown
Collaborator Author

Superseded by #76 — consolidated into a single combined PR that consumes the released releases-docker.jfrog.io/fluentd:4.21 image directly (Dockerfile + Helm + README/CHANGELOG) and bumps the sidecar 4.19 -> 4.21. Closing in favor of #76.

@hramisetty hramisetty closed this Jun 24, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant