Skip to content

v1.4.1

Latest

Choose a tag to compare

@github-actions github-actions released this 03 Jun 17:43

New Layers versions are published

For Commercial AWS regions:

For x86_64 architecture use layer ARN:
arn:aws:lambda:<AWS_REGION>:956882708938:layer:sumologic-extension-amd64:13

For arm64 architecture use layer ARN:
arn:aws:lambda:<AWS_REGION>:956882708938:layer:sumologic-extension-arm64:13

AWS_REGION - Replace with your AWS Lambda Region.

For European Sovereign Cloud

For x86_64 architecture use layer ARN:
arn:aws-eusc:lambda:eusc-de-east-1:052162193518:layer:sumologic-extension-amd64:13

For arm64 architecture use layer ARN:
arn:aws-eusc:lambda:eusc-de-east-1:052162193518:layer:sumologic-extension-arm64:13

What's New

  • Security patch: Fixed Denial of Service vulnerabilities in AWS SDK EventStream Decoder
  • Updated AWS SDK Go v2 dependencies to latest stable versions

Security Fixes

  • CVE Fix: DoS vulnerability in s3 EventStream Decoder
  • CVE Fix: DoS vulnerability in eventstream protocol

Dependency Updates

  • aws-sdk-go-v2: v1.39.1 → v1.41.9
  • aws-sdk-go-v2/service/s3: v1.88.2 → v1.102.2
  • aws-sdk-go-v2/aws/protocol/eventstream: v1.7.1 → v1.7.11

Full Changelog

v1.4.0...v1.4.1

Commits

  • f9ce87b: SUMO-278456 | Changes to fix arn fidings with ESC AWS region. Changes script to print the correct ARN based on dynamically fetching partition by aws cli command (sumoanema) #31
  • 934e0f2: adding aws_profile to delete script as suggested in copilot review (sumoanema) #31
  • a4f9d98: Introducing handling for different aws profile - seperate for ESC in zip.sh deployment script (sumoanema) #31
  • 03cc084: Creting seperate script for special aws partition which can be extended further for other non-standard partition - keeping the default script zip.sh unchanged (sumoanema) #31
  • bf7d63e: updateing aws sdk dependencies to fix cve (Md Azhar) #32