Release v0.102.1 to address security risks #33496
Labels
needs triage
New item requiring triage
Comments
This was referenced Jun 19, 2024
|
v0.103.0 was released with the fix. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Component(s)
No response
confighttp and configgrpc OTLP receivers
Describe the issue you're reporting
I’ve noticed that the collector installation docs have instructions to install collector-contrib v0.102.1 (https://github.com/open-telemetry/opentelemetry-collector-contrib/releases). And of course that’s good advice: that’s the most recent version and addressed the security issue described in https://opentelemetry.io/blog/2024/cve-2024-36129/
However, the opentelemetry-collector-contrib repo’s most recent release is v102.0, see:
It seems weird that the contrib repo and the installation docs don’t match up and that the contrib repo doesn’t have a v0.102.1 release to match the docker v0.102.1 release and core collector v0.102.1 release. Because the contrib collector is used so widely, a v102.1 release would help document the security fixes and make it easy to install a contrib collector at the latest version.
The text was updated successfully, but these errors were encountered: