In this release, we've enhanced the security and stability of the Collector with added support for security patches and bug fixes.

Security Fixes​

• Upgraded collector JRE to Amazon Corretto Version 8.422.05.1.
• Upgraded com.amazonaws:aws-java-sdk-s3 to version 1.12.767 to address ion-java vulnerability (CVE-2024-21634).

Bug Fix​

• Fixed the Docker duplication data re-ingestion issue.

In this release, we've enhanced the security and stability of the Collector with added support for security patches and bug fixes.

Security Fixes​

• Upgraded collector JRE to Amazon Corretto Version 8.412.08.1.
• Upgraded Install4j to version 10 for macOS.
• Upgraded com.tanuki:wrapper to version 3.5.56.
• Upgraded org.apache.commons:commons-configuration2 to version 2.11.0 to address known security vulnerabilities (CVE-2024-29133 and CVE-2024-29131).
• Upgraded org.bouncycastle:bc-fips to version 1.2.5.0 to address known security vulnerabilities (CVE-2024-29857).
• Upgraded org.apache.commons:commons-compress to version 1.26.1 to address known security vulnerabilities (CVE-2024-26308 and CVE-2024-25710).
• Upgraded org.bouncycastle:bctls-fips to version 1.0.19 to address known security vulnerabilities (CVE-2024-30171).
• Upgraded org.bouncycastle:bcpkix-jdk18on to version 1.78 to address known security vulnerabilities (CVE-2024-30172, CVE-2024-30171, and CVE-2024-29857).
• Known issues when upgrading to this version:
  • Collector running as non-root user. Collector running as non-root user (run as mode) cannot be upgraded through the API/Web UI. It display an error message indicating that the upgrade is not possible. The upgrade must be performed manually on your machine. Follow the steps to upgrade manually.
  • Collector running on Mac. Collector running on a Mac operating system cannot be upgraded through the API/Web UI. The process will stop, and the collector will need to be restarted manually on your machine if upgraded using API or Web UI. Use the below code to manually restart.

    sudo ./collector start
    

Bug Fix​

• Fixed the collector start issue by cleaning the temporary files on Windows.
• Fixed the issue with starting the collector on Linux RHEL OS (version 8.3 and above) with OS-level FIPS mode enabled.

In this release, we've upgraded the collector JRE to Amazon Corretto Version 8.402.08.1 to enhance stability and optimize performance for faster execution.

In this release, we've enhanced the Amazon Corretto back-end support for minor version updates.

In this release, we've enhanced the security and stability of the Collector with added support for security patches and bug fixes.

Security Fixes​

• Upgraded collector JRE to Amazon Corretto Version 8.402.06.1.
• Upgraded Install4j to version 10.0.6 for Linux arch.
• Upgraded org.json:json to version 20231013 to address known security vulnerabilities (CVE-2023-5072).
• Upgraded org.apache.avro:avro to 1.11.3 to address known security vulnerabilities (CVE-2023-39410).
• Upgraded bcprov-jdk15on to bcprov-jdk18on to address known security vulnerabilities (CVE-2023-33201).

Bug Fix​

• Fixed the issue with Docker Stats Source that was causing metrics to be missing in particular cases.

This is an archive of 2023 Collector Release Notes. To view the full archive, click here.

This is an archive of 2022 Collector Release Notes. To view the full archive, click here.

This is an archive of 2021 Collector Release Notes. To view the full archive, click here.