Closed lucas-akira closed 4 months ago
As per https://fluentbit.io/blog/2024/05/21/statement-on-cve-2024-4323-and-its-fix/ Fluent Bit version 2.2.3 has been updated with a backport fix for CVE-2024-4323.
Since our current Yocto recipe for Fluent Bit gets an outdated 2.2.3, updating SRCREV to get the fix should be enough. I did some quick tests and the updated recipe builds without problems.
As per https://fluentbit.io/blog/2024/05/21/statement-on-cve-2024-4323-and-its-fix/ Fluent Bit version 2.2.3 has been updated with a backport fix for CVE-2024-4323.
Since our current Yocto recipe for Fluent Bit gets an outdated 2.2.3, updating SRCREV to get the fix should be enough. I did some quick tests and the updated recipe builds without problems.