Hi,
Due to blocker from CVE I posted in the following topic, I am trying to build alternative Logstash using Alpine Linux.
Is there any alternative release of Logstash using Alpine Linux?
Hello,
Please avoid opening multiple topics for the same thing.
The CVE you shared does not seem to have antyhing to do with Logstash.
The description of CVE-2023-26604 is
systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.
There is no specific release of Logstash for Alpine, you can download Logstash as rpm, deb, tar.gz or build from source from the instructions on the repository.
But it is still not clear what you want to do and fix since this seems to be a systemd issue, not a logstash issue.
Yes, it's systemd issue not logstash but as the systemd vulnerability is in ubuntu and logstash is built on top of that, I am blocked to send logstash in production.
As mentioned, this issue has nothing to do with Logstash, you need to update the systemd on your server to a fixed version.
It is not clear what you want to change in Logstash that would solve this.