Falcon LogScale 1.82.2 LTS (2023-06-22)

Version^?	Type^?	Release Date^?	Availability^?	End of Support	Security Updates	Upgrades From^?	Config. Changes^?
1.82.2	LTS	2023-06-22	Cloud	2024-04-30	No	1.44.0	No

TAR Checksum	Value
MD5	155c984fb2f3319e42ca151704a5b3f1
SHA1	05cae24fac6be7d8cc24bb29c11fa068961d76e7
SHA256	9a0ca4411a7fbd12dbbbe9582498d9f26552c72e68bfca31f6e812b4bb5bcc81
SHA512	bcf589535e0e5c13ecab26f8ba330dd99f190228337f780d0c77d7ca012d67156ad26916471da4e21e7847074f1b654638117626f34e2c509cd2c736faaa90aa

Docker Image	SHA256 Checksum
humio	3efbba813293749fc2a6c7bd8332f17110ca33f92a5aa6ea82dab158defe4456
humio-core	92178d5950198b8a9c5df7764385248f7a58d72c2c3f9eae74f3c7b8492b91b1
kafka	4485b9c15d8a3e9cc122f548e68a6daaba983cb8479f553d8ea11ba4de7c09c5
zookeeper	c045a185ddc1f0d852a4f73b6668db78c580b0f17287458d78cc723fce20a778

Download: https://repo.humio.com/repository/maven-releases/com/humio/server/1.82.2/server-1.82.2.tar.gz

Security fixes.

Fixed in this release

Security
- Verified that LogScale does not use the affected Akka dependency component in CVE-2023-31442 by default, and have taken additional precautions to notify customers.
  For:
  LogScale Cloud/Falcon Long Term Repository:
  This CVE does not impact LogScale Cloud or LTR customers.
  LogScale Self-Hosted:
  Exposure to risk:
  Potential risk is only present if a self hosted customer has modified the Akka parameters to a non default value of akka.io.dns.resolver = async-dns during initial setup.
  By default LogScale does not use this configuration parameter.
  CrowdStrike has never recommended custom Akka parameters. We recommend using default values for all parameters.
  Steps to mitigate:
  Setting akka.io.dns.resolver to default value (inet-address) will mitigate the potential risk.
  On versions older than 1.92.0:
  Unset the custom Akka configuration. Refer to Akka documentation for more information on how to unset or pass a different value to the parameter here.
  CrowdStrike recommends upgrading LogScale to 1.92.x or higher versions.