package/fluent-bit: security bump to 4.2.0

ThomasDevoogdt · tperale · commit 053eb1a9840e · 2025-12-18T17:03:40.000+01:00
This is a major release that introduces new features, including one highlighted in the release notes: "The v4.2 release introduces a powerful new Direct Routing capability that allows inputs to specify routes directly to outputs, bypassing the traditional routing mechanism." But it also brings some security fixes. Not all of them are relevant, but some piece of lecture can be found here [1]. It fixes the following CVEs: CVE-2025-12977 CVE-2025-12978 CVE-2025-12972 CVE-2025-12970 CVE-2025-12969 News: - https://fluentbit.io/announcements/v4.1.0/ - https://fluentbit.io/announcements/v4.1.1/ - https://fluentbit.io/announcements/v4.2.0/ The patch 0001-plugins-kafka-fix-cmake-cross-compile-error.patch can be dropped as it has been merged upstream [2]. [1] https://www.theregister.com/2025/11/24/fluent_bit_cves/ [2] fluent/fluent-bit#9600 Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 7a037d0) Signed-off-by: Thomas Perale <thomas.perale@mind.be>
diff --git a/package/fluent-bit/0001-lib-librdkafka-only-require-a-C-compiler.patch b/package/fluent-bit/0001-lib-librdkafka-only-require-a-C-compiler.patch
@@ -1,4 +1,4 @@
-From c33d6bd392c5c8bbd231b2a9d00d4959cc553c44 Mon Sep 17 00:00:00 2001
+From 7329316bdcc72aceb6bbbdf8711f5bf8894c2a15 Mon Sep 17 00:00:00 2001
 From: Thomas Devoogdt <thomas.devoogdt@barco.com>
 Date: Tue, 25 Jul 2023 09:10:41 +0200
 Subject: [PATCH] lib: librdkafka: only require a C compiler
diff --git a/package/fluent-bit/0001-plugins-kafka-fix-cmake-cross-compile-error.patch b/package/fluent-bit/0001-plugins-kafka-fix-cmake-cross-compile-error.patch
diff --git a/package/fluent-bit/fluent-bit.hash b/package/fluent-bit/fluent-bit.hash
@@ -1,3 +1,3 @@
 # Locally computed
-sha256  0031f74b616b4669064a59902559da2f87174aa8007e749b5df19ed79c534f5b  fluent-bit-4.0.9.tar.gz
+sha256  44fe0f52e89a63b213695748f99691d0a6247a4bd05065f1b517c798d9f89bcc  fluent-bit-4.2.0.tar.gz
 sha256  0d542e0c8804e39aa7f37eb00da5a762149dc682d7829451287e11b938e94594  LICENSE
diff --git a/package/fluent-bit/fluent-bit.mk b/package/fluent-bit/fluent-bit.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-FLUENT_BIT_VERSION = 4.0.9
+FLUENT_BIT_VERSION = 4.2.0
 FLUENT_BIT_SITE = $(call github,fluent,fluent-bit,v$(FLUENT_BIT_VERSION))
 FLUENT_BIT_LICENSE = Apache-2.0
 FLUENT_BIT_LICENSE_FILES = LICENSE

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-From c33d6bd392c5c8bbd231b2a9d00d4959cc553c44 Mon Sep 17 00:00:00 2001`
	`1`	`+From 7329316bdcc72aceb6bbbdf8711f5bf8894c2a15 Mon Sep 17 00:00:00 2001`
`2`	`2`	`From: Thomas Devoogdt <thomas.devoogdt@barco.com>`
`3`	`3`	`Date: Tue, 25 Jul 2023 09:10:41 +0200`
`4`	`4`	`Subject: [PATCH] lib: librdkafka: only require a C compiler`
Original file line number	Diff line number	Diff line change
`@@ -4,7 +4,7 @@`
`4`	`4`	`#`
`5`	`5`	`################################################################################`
`6`	`6`
`7`		`-FLUENT_BIT_VERSION = 4.0.9`
	`7`	`+FLUENT_BIT_VERSION = 4.2.0`
`8`	`8`	`FLUENT_BIT_SITE = $(call github,fluent,fluent-bit,v$(FLUENT_BIT_VERSION))`
`9`	`9`	`FLUENT_BIT_LICENSE = Apache-2.0`
`10`	`10`	`FLUENT_BIT_LICENSE_FILES = LICENSE`