Falcon LogScale 1.88.1 LTS (2023-06-22)

Version?Type?Release Date?Availability?End of Support

Security

Updates

Upgrades

From?

Config.

Changes?
1.88.1LTS2023-06-22

Cloud

2024-05-31No1.44.0No
TAR ChecksumValue
MD5a999345b437d7c0fbaddbb8a55e6429a
SHA11de90e62be02bdcccbec07f9a29720c3c69dbe63
SHA25640b2addbaedfdd3155fbd78b38c72dc8ef64c8a945a5858db38867d92aa54b6a
SHA51278910febd9b6c7d216bc662ca47987db4e3a9e8c7eb3ee948a90e0c73b7aaf2de287faaec1c7891f8a76b4bc0914019e1ed09bd4919d4b5a23deda31c3d3038d
Docker ImageSHA256 Checksum
humiod8436c255ce0c95e231fc533a2240f037f3668f4e5f6bc7d3ea614173a6a5088
humio-corec5e82eac78cf5cf9132d3fb76ccda881ef402c142378eebffae77b4356de2ef9
kafka5ad6b49d76ca75c91731c02f1c11928eea98efa3d2f1df8800ab55e669045ce0
zookeepercb4f5e163317fb289110c6372d5b54208f4396c433282b65bbfa3c15596e64cc

Download: https://repo.humio.com/repository/maven-releases/com/humio/server/1.88.1/server-1.88.1.tar.gz

Security fixes.

New features and improvements

  • Queries

    • Polling a query on /queryjobs can now delay the response a bit in order to allow returning a potentially done response. The typical effective delay is less than 2 seconds, and the positive effect is saving the extra poll roundtrip that would otherwise need to happen before the query completed. This in particular makes simple queries complete faster from the viewpoint of the client, as they do not have to wait for an extra poll roundtrip in most cases.

Fixed in this release

  • Security

    • Verified that LogScale does not use the affected Akka dependency component in CVE-2023-31442 by default, and have taken additional precautions to notify customers.

      For:

      • LogScale Cloud/Falcon Long Term Repository:

        • This CVE does not impact LogScale Cloud or LTR customers.

      • LogScale Self-Hosted:

        • Exposure to risk:

          • Potential risk is only present if a self hosted customer has modified the Akka parameters to a non default value of akka.io.dns.resolver = async-dns during initial setup.

          • By default LogScale does not use this configuration parameter.

          • CrowdStrike has never recommended custom Akka parameters. We recommend using default values for all parameters.

        • Steps to mitigate:

          • Setting akka.io.dns.resolver to default value (inet-address) will mitigate the potential risk.

        • On versions older than 1.92.0:

          • Unset the custom Akka configuration. Refer to Akka documentation for more information on how to unset or pass a different value to the parameter here.

          • CrowdStrike recommends upgrading LogScale to 1.92.x or higher versions.