| Version | Supported |
|---|---|
| 1.16.x | ✅ |
| <= 1.15.x | ❌ |
If you find a vulnerability of fluentd-daemonset-SOMETHING with the default configuration, report it from the following page:
Important
fluentd-kubernetes-daemonset images are downstream of fluent/fluentd container. Thus, even though security scanner reports a pile of vulnerabilities, the updated container image can't be shipped until updated container image is deployed from upstream first.
-
If you find that bundled Ruby gems related to fluentd-daemonset-SOMETHING have vulnerabilities, please report to fluentd-kubernetes-daemonset.
-
If you find that bundled Ruby gems related to fluentd-docker-image have vulnerabilities, please report to fluentd-docker-image.
-
The vulnerability of non-Ruby gems should be fixed in upstream container image, so PLEASE check https://security-tracker.debian.org/tracker/ in advance.
Note
In most cases, even though security scanner reports vulnerabilities, they are false-positive because fluentd doesn't use the vulnerable component.