3.5.0 CVE fixes #1728

Open: suyadav1 wants to merge 1 commit into ci_prod from suyadav/3.5.0-cves

suyadav1 commented Jul 2, 2026

This pull request updates the Fluentd installation for both Linux and Windows Kubernetes images to address multiple security vulnerabilities, and modernizes the Ruby and dependency stack on Windows. The main focus is upgrading Fluentd and Ruby to secure versions, updating related dependencies, and ensuring unused or vulnerable gems are removed.

Security and Dependency Updates:

  • Upgraded fluentd to version 1.19.3 on both Linux and Windows, which addresses several critical CVEs (CVE-2026-44024, CVE-2026-44025, CVE-2026-44160, CVE-2026-44161).
  • Upgraded Ruby on Windows from 3.1.1.1 to 3.4.9.1, and updated msys2 accordingly to match the new Ruby version.
  • Updated gem dependencies for Windows: upgraded oj to 3.17.3, added json 2.13.2, and installed the latest compatible versions of other required gems.

Vulnerability Remediation:

  • Improved removal of the rexml gem (previously a source of vulnerabilities such as CVE-2025-58767) in a version-agnostic way, and continued removal of the unused and vulnerable net-imap gem.
  • Updated file and cache cleanup paths to match the new Ruby 3.4 installation, and added -ErrorAction SilentlyContinue to PowerShell cleanup commands for robustness.

suyadav1 requested a review from a team as a code owner July 2, 2026 22:23
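
A post-build check for the state the description above aims for, as an added example that is not part of this pull request or the project's code: it audits `gem list --local` output for the banned gems and the upgraded versions. The constant and function names are hypothetical, the sample listing is constructed, and treating the versions named in the description as minimums is an assumption.

```ruby
require "rubygems"

# Policy from the PR description. Treating its versions as minimums is an
# assumption of this example, as are all names below.
MIN_VERSIONS = { "fluentd" => "1.19.3", "oj" => "3.17.3", "json" => "2.13.2" }.freeze
BANNED_GEMS  = %w[rexml net-imap].freeze

# Constructed `gem list --local` output, not taken from a real image.
SAMPLE = <<~LIST
  fluentd (1.19.3, 1.16.5)
  json (2.13.2, default: 2.9.1)
  oj (3.17.3)
  rexml (3.4.1)
LIST

# Returns { name => [[Gem::Version, default?], ...] }. Default gems ship with
# Ruby and cannot be uninstalled; platform suffixes ("1.2.3 x64-...") are dropped.
def parse_gem_list(text)
  text.each_line.with_object({}) do |line, gems|
    m = line.strip.match(/\A([\w.-]+) \((.+)\)\z/) or next
    gems[m[1]] = m[2].split(",").map do |entry|
      entry = entry.strip
      [Gem::Version.new(entry.delete_prefix("default: ").split.first),
       entry.start_with?("default: ")]
    end
  end
end

# Returns a list of findings; an empty list means the policy holds.
def audit_gems(text)
  gems = parse_gem_list(text)
  findings = BANNED_GEMS.select { |n| gems.key?(n) }.map do |n|
    "#{n}: still installed (#{gems[n].map(&:first).join(', ')})"
  end
  MIN_VERSIONS.each do |name, min|
    min_v = Gem::Version.new(min)
    copies = gems.fetch(name, [])
    newest = copies.map(&:first).max
    # Only non-default copies can be removed, so only those count as stale.
    stale = copies.reject(&:last).map(&:first).select { |v| v < min_v }
    if newest.nil? || newest < min_v
      findings << "#{name}: newest installed is #{newest || 'none'}, need >= #{min}"
    elsif stale.any?
      findings << "#{name}: removable older copy #{stale.join(', ')} remains"
    end
  end
  findings
end

puts audit_gems(SAMPLE) if $PROGRAM_NAME == __FILE__
```

An older default copy of a gem next to a newer installed one is not reported, because default gems cannot be uninstalled; a leftover non-default copy is reported because image scanners still see it on disk.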

suyadav1 commented Jul 2, 2026

/azp run

@azure-pipelines
Azure Pipelines successfully started running 1 pipeline(s).