v19.516-1

In this release, we've enhanced the security and stability of the Collector with added support for security patches.

Security Fixes

• Upgraded Tanuki version to version 3.5.60 to fix the collector intermittently crashing issue.
• Upgraded collector JRE to Amazon Corretto Version 8.432.06.1.

Troubleshooting

When upgrading this collector version, collector running as non-root user (run as mode) or on a Mac operating system cannot be upgraded through the API/Web UI. To resolve these issue, follow the respective steps below:
- Collector running as non-root user. An error message will be displayed indicating that the upgrade is not possible. The upgrade must be performed manually on your machine. Refer to the Upgrade Collectors in Sumo Logic to upgrade the collector manually.
- Collector running on Mac. The process will stop while upgrading, and the collector will need to be restarted manually on your machine. Use the below code to manually restart.
sudo ./collector start

v19.514-1

In this release, we've enhanced the security and stability of the Collector with added support for security patches and bug fixes.

Security Fixes

• Upgraded com.fasterxml.jackson.core to version 2.15.4 to address jackson-core vulnerability (CVE-2023-0067).
• Upgraded org.apache.avro:avro to version 1.11.4 to address ion-java vulnerability (CVE-2024-47561).

Bug Fix

• Fixed the intermittent collector crash issue for AD source.

v19.506-1

In this release, we've enhanced the security and stability of the Collector with added support for security patches and bug fixes.

Security Fixes

• Upgraded collector JRE to Amazon Corretto Version 8.422.05.1.
• Upgraded com.amazonaws:aws-java-sdk-s3 to version 1.12.767 to address ion-java vulnerability (CVE-2024-21634).

Bug Fix

• Fixed the Docker duplication data re-ingestion issue.

v19.500-2

In this release, we've enhanced the security and stability of the Collector with added support for security patches and bug fixes.

Security Fixes

• Upgraded collector JRE to Amazon Corretto Version 8.412.08.1.
• Upgraded Install4j to version 10 for macOS.
• Upgraded com.tanuki:wrapper to version 3.5.56.
• Upgraded org.apache.commons:commons-configuration2 to version 2.11.0 to address known security vulnerabilities (CVE-2024-29133 and CVE-2024-29131).
• Upgraded org.bouncycastle:bc-fips to version 1.2.5.0 to address known security vulnerabilities (CVE-2024-29857).
• Upgraded org.apache.commons:commons-compress to version 1.26.1 to address known security vulnerabilities (CVE-2024-26308 and CVE-2024-25710).
• Upgraded org.bouncycastle:bctls-fips to version 1.0.19 to address known security vulnerabilities (CVE-2024-30171).
• Upgraded org.bouncycastle:bcpkix-jdk18on to version 1.78 to address known security vulnerabilities (CVE-2024-30172, CVE-2024-30171, and CVE-2024-29857).
• Known issues when upgrading to this version:
  • Collector running as non-root user. Collector running as non-root user (run as mode) cannot be upgraded through the API/Web UI. It display an error message indicating that the upgrade is not possible. The upgrade must be performed manually on your machine. Follow the steps to upgrade manually.
  • Collector running on Mac. Collector running on a Mac operating system cannot be upgraded through the API/Web UI. The process will stop, and the collector will need to be restarted manually on your machine if upgraded using API or Web UI. Use the below code to manually restart.

    sudo ./collector start
    

Bug Fix

• Fixed the collector start issue by cleaning the temporary files on Windows.
• Fixed the issue with starting the collector on Linux RHEL OS (version 8.3 and above) with OS-level FIPS mode enabled.

v19.484-2

In this release, we've upgraded the collector JRE to Amazon Corretto Version 8.402.08.1 to enhance stability and optimize performance for faster execution.

v19.484-1

In this release, we've enhanced the Amazon Corretto back-end support for minor version updates.

v19.478-2

In this release, we've enhanced the security and stability of the Collector with added support for security patches and bug fixes.

Security Fixes

• Upgraded collector JRE to Amazon Corretto Version 8.402.06.1.
• Upgraded Install4j to version 10.0.6 for Linux aarch.
• Upgraded org.json:json to version 20231013 to address known security vulnerabilities (CVE-2023-5072).
• Upgraded org.apache.avro:avro to 1.11.3 to address known security vulnerabilities (CVE-2023-39410).
• Upgraded bcprov-jdk15on to bcprov-jdk18on to address known security vulnerabilities (CVE-2023-33201).

Bug Fix

• Fixed the issue with Docker Stats Source that was causing metrics to be missing in particular cases.

v19.467-2

Security Fixes

• Upgraded collector JRE to Amazon Corretto Version 8.392.08.1.
• Upgraded org.apache.commons:commons-compress to version 1.24.0 to address known security vulnerabilities (CVE-2023-42503).
• Upgraded org.xerial.snappy:snappy-java to 1.1.10.4 to address known security vulnerabilities (CVE-2023-43642).
• Upgraded org.bouncycastle:bc-fips to 1.0.2.4 to address known security vulnerabilities (CVE-2022-45146).
• Upgraded com.google.crypto.tink:tink to 1.11.0 to address known security vulnerabilities (CVE-2022-3510 and CVE-2022-3509).

Bug Fixes

• Fixed the AWS archive temporary files clean up issue on Windows. If you are facing this issue while upgrading from a previous collector version then a collector restart might be necessary after the upgrade.
• Fixed temporary files issue in Windows installation.

v19.461-1

In this release, we've resolved the collector start issue that was occuring after the Windows feature update. For collectors running as custom user, refer to the Advanced UI Installer Settings to provide full access to custom user.

v19.456-3

Security Fixes

• Upgraded collector JRE to Amazon Corretto Version 8.382.05.1.
• When installed collector sends data to the backend receiver use zstd compression to improve the speed and compression rate.
• Upgraded org.xerial.snappy:snappy-java to version 1.1.10.1 to address the known security vulnerabilities (CVE-2023-34455, CVE-2023-34453, and CVE-2023-34454).

Bug Fixes

• Fixed the Docker duplication issue.