We have released version 2.4.3 of
stream-collector, upgrading dependencies to address the recently identified Log4j 2 vulnerability ( CVE-2021-44228).
The main highlight is fixing the version of
log4j-core to 2.16.0. This change only affects the
nsq collector. The
kafka flavours of the collector were already using
We have also bumped other dependencies to ensure we’re on latest versions.
2.4.3 images can be pulled from Docker Hub.
For the full list of changes and
jar files, see the release notes:
Edited on 15 Dec 2021 11:07 UTC to clarify that
log4j-core change affects the
nsq collector only.