Fluentd Blog

fluent-package v6.0.4 has been released

  • 2026-06-26
  • ClearCode, Inc.

Hi users!

We have released fluent-package v6.0.4 on 2026-06-26. Fluent Package is a stable distribution package of Fluentd. (successor of td-agent)

This is a maintenance release of v6.0.x LTS series.

Fluent Package v6.0.4

Fluent Package v6.0.4 includes the following improvements:

  • Updated bundled Fluentd to v1.19.3 which fixes some vulnerabilities.

This article explains the changes in Fluent Package v6.0.4.

Changes

Updated bundled Fluentd to v1.19.3 which fixes some vulnerabilities.

In this release, some critical vulnerabilities were fixed.

The above vulnerabilities affects to older than v1.19.3, thus the following packages also will be affected.

  • fluent-package LTS v6.0.3 or earlier
  • fluent-package Standard edition v6.0.0 (NOTE: no patched version planned yet, please consider to use LTS)
  • fluent-package LTS v5.0.9 or earlier (NOTE: v5.0.x already reached EOL, no patched updates anymore)
  • fluent-package Standard edition v5.2.0 or earlier (NOTE: v5.x already reached EOL, no patched updates anymore)
  • All of td-agent (NOTE: td-agent already reached EOL, no patched updates anymore)

We recommend upgrading fluent-package to v6.0.4.

If you can't upgrade it immediately, there is a case that mitigation method is explained in above advisory. Please check each advisory and take care of it.

Download

Please visit the download page.

Announcement

About next LTS schedule

We plan to release the next LTS version of fluent-package v6.0.5 at Sep 2026. The content of updates are still TBD.

Follow us on X

We have been posting information about Fluentd in Japanese on @fluentd_jp. We would appreciate it if you followed the X account.

Read More

Fluentd v1.19.3 has been released

  • 2026-06-25
  • ClearCode, Inc.

Hi users!

We have released v1.19.3 on 2026-06-25. ChangeLog is here.

This release is a maintenance release of v1.19 series.

This release is bundled for fluent-package LTS version v6.0.4!

Security Fixes

Many vulnerabilities were fixed in this release.

Additionally, similar vulnerability was also fixed in the following fluentd plugins:

In most cases, there is no problem using deployed Fluentd within a closed, trusted network. If you could not update Fluentd immediately, consider to take advised mitigation in above advisories.

Bug Fixes

Many bugs were also fixed in this release.

  • in_debug_agent: accept only from local machine by default
  • buffer: resume buffer correctly even though path contains []
  • out_forward: avoid reusing closed keepalive sockets after remote
  • storage_local: fix encoding error when fix encoding error when reading non-ASCII characters

in_debug_agent: accept only from local machine by default

Historically, in_debug_agent accepts remote access by default.

This behavior is not problem because usually in_debug_agent must be explicitly enabled by users who know what you do.

But, there is an security concern which accepts external access by default even though user must enable it explicitly.

To mitigate security concern, changed that behavior a bit secure by default.

If you dare to keep previous non-secure behavior, specify 0.0.0.0 explicitly.

<source>
  @type monitor_agent
  bind 0.0.0.0   # prior to v1.19.3 default behavior
  bind 127.0.0.1 # since v1.19.3 default behavior
  ...
</source>

buffer: resume buffer correctly even though path contains []

If buffer path contains [] in tag something like "path test/${tag[0]}", when resuming buffer process can't find them without escaping bracket.

Thus buffer files remains under that directory.

In this release, that can be resumed correctly.

Note that recommended tag spec is specified in routing documentation, but it is easily shoot your legs in practical use-case if you use [] characters. so it is changed to take care of that case.

avoid reusing closed keepalive sockets after remote disconnects

In the previous versions, there was a keepalive socket reuse bug.

When a cached keepalive connection has already been closed by the remote side, out_forward could pick that socket back up and try to write to it again.

As a result, that left the flush thread spinning on a dead socket and can drive CPU usage to 100%.

storage_local: fix encoding error when fix encoding error when reading non-ASCII characters

If data containing non-latin characters are stored onto disk using the storage_local plugin, the file is properly written but cannot be read again once fluentd restarts. Now that behaviour was fixed by properly handling the file encoding.

Improvements

In this release, added some warnings for problematic use-cases.

If there are any potential issues with your configuration, Fluentd detects above cases additionally.

Enjoy logging!

Follow us on X

We have been posting information about Fluentd in Japanese on @fluentd_jp. We would appreciate it if you followed the X account.

Read More

fluent-package v6.0.3 has been released

  • 2026-03-27
  • ClearCode, Inc.

Hi users!

We have released fluent-package v6.0.3 on 2026-03-27. Fluent Package is a stable distribution package of Fluentd. (successor of td-agent)

This is a maintenance release of v6.0.x LTS series.

Fluent Package v6.0.3

Fluent Package v6.0.3 includes the following improvements:

  • Fixed a severe memory leak issue in the bundled cool.io v1.9.3 under specific conditions
  • Updated bundled Ruby to 3.4.9
  • Updated bundled Nokogiri to v1.19.2 (Windows only) for vulnerability fix

This article explains the changes in Fluent Package v6.0.3.

Changes

Fixed a severe memory leak issue in the bundled cool.io v1.9.3

In fluent-package v6.0.2, a critical issue was discovered where memory usage continuously increases over time. This release completely resolves this problem.

  • Affected Environments
    • This issue occurs in environments where TCP connections are frequently connected and disconnected.
    • It is easily reproducible when using the out_forward plugin with the keepalive false setting (which is the default value).
  • Root cause
    • The asynchronous I/O library cool.io (v1.9.2 and v1.9.3) bundled in fluent-package v6.0.2 had a bug in its detachment process.
    • When a TCP connection was detached, the internal watcher objects were not properly garbage collected, leaving "garbage" data accumulated in the memory.
  • Resolution
    • We have released cool.io v1.9.4 which fixes this bug, and it is now bundled by default in fluent-package v6.0.3.

If operated for a long period, this memory leak will exhaust system memory resources, eventually causing the Fluentd process to be terminated unexpectedly by the OOM (Out of Memory) Killer. We strongly recommend users who are using out_forward on v6.0.2 to update to this version immediately.

Note: Users on fluent-package v6.0.1 or earlier are not affected by this specific issue.

Updated bundled Ruby to 3.4.9

Ruby 3.4.9 includes multiple bug and security fixes. Specifically, it addresses the following vulnerability:

For details, please see the Ruby 3.4.9 release notes.

Updated bundled Nokogiri (Windows only) for vulnerability fix

We have updated the bundled Nokogiri from v1.18.10 to v1.19.2 for the Windows version to address the following vulnerability:

Download

Please visit the download page.

Announcement

About next LTS schedule

We plan to release the next LTS version of fluent-package v6.0.4 at June 2026. The content of updates are still TBD.

Follow us on X

We have been posting information about Fluentd in Japanese on @fluentd_jp. We would appreciate it if you followed the X account.

Read More

fluent-package v6.0.2 has been released

  • 2026-02-27
  • ClearCode, Inc.

Hi users!

We have released fluent-package v6.0.2 on 2026-02-27. Fluent Package is a stable distribution package of Fluentd. (successor of td-agent)

This is a maintenance release of v6.0.x LTS series.

Fluent Package v6.0.2

Fluent Package v6.0.2 includes the following improvements:

  • Updated bundled Ruby to 3.4.8
  • Updated bundled Fluentd from v1.19.1 to v1.19.2
  • rpm: fixed update error if working directory was removed
  • Fixed CVEs about bundled gems: CVE-2025-14762, CVE-2026-25765
    • When using with fluentd, usually it will not be affected by these vulnerability, but bundled fixed versions with keeping compatibility.
  • msi: fixed installation rollback issue when executing maintenance script

This article explains the changes in Fluent Package v6.0.2.

Changes

Updated bundled Ruby to 3.4.8

Ruby 3.4.8 includes multiple bug and security fixes. For details, please see the Ruby 3.4.8 release notes.

Updated bundled Fluentd from v1.19.1 to v1.19.2

Fluentd v1.19.2 includes the following fixes:

  • Fixed duplicate configuration file loading in config_include_dir
  • in_tail: fixed error when files without read permission are included in glob patterns
  • out_forward: added timeout to prevent infinite loop under unstable network connection
  • gem: use latest net-http to solve IPv6 addr error
  • warn when backed-up conf file will be included

For details, please see the Fluentd v1.19.2 has been released.

rpm: fixed update error if working directory was removed

In this release, it was fixed update error if temporary working directory was removed.

In the previous versions, if temporary working directory was removed by tmpfiles.d, there was a case that updating to v6 (up to v6.0.1) causes fatal error while rpm processes transaction.

Now, with changing temporary working directory handling, it was fixed in v6.0.2.

msi: fixed installation rollback issue when executing maintenance script

Since v6.0.0, installation maintenance script (powershell) was partially introduced for Windows. But in some environments, there is a case that the execution of powershell was prohibited in your policy. In such a case, installation process will be failed unexpectedly.

In this release, added fallback not to terminate installation process accidentally.

Download

Please visit the download page.

Announcement

About next LTS schedule

We plan to release the next LTS version of fluent-package v6.0.3 at June 2026. The content of updates are still TBD.

Follow us on X

We have been posting information about Fluentd in Japanese on @fluentd_jp. We would appreciate it if you followed the X account.

Read More

Fluentd v1.19.2 has been released

  • 2026-02-13
  • ClearCode, Inc.

Hi users!

We have released v1.19.2 on 2026-02-13. ChangeLog is here.

This release is a maintenance release of v1.19 series.

This release will be bundled for upcoming fluent-package LTS version v6.0.2!

Bug Fixes

Fixed duplicate configuration file loading in config_include_dir

Since Fluentd v1.19.0, the configuration files under/etc/fluent/conf.d were changed to load automatically.

This feature was introduced to load builtin plugins and designed to work well with fluent-package. But, as a side effect, there is a case that duplicated configuration files are loaded if user already configured to include from /etc/fluent/conf.d.

In that case, it causes startup failures. Thus, user need to disable with config_include_dir "" explicitly as a workaround.

In this release, not to raise startup failure, we fixed duplicate configured file loading in config_include_dir.

in_tail: fixed error when files without read permission are included in glob patterns

In the previous versions, if you enabled Linux capability feature with Fluentd, there is a case that it causes an error.

It was caused when accessing uninitialized instance variable.

out_forward: added timeout to prevent infinite loop under unstable network connection

In unstable network environments with proxy components, if connection drops during handshake after TLS establishment, Fluentd gets stuck in infinite loop causing logs to stop being flushed.

In this release, fixed to uses existing hard_timeout configuration to break the loop, then disable problematic nodes, and maintain log flow through healthy nodes.

This fixes improves stability of Fluentd.

gem: use latest net-http to solve IPv6 addr error

net-http gem had a bug in handling IPv6 addresses, and updating the uri gem would trigger strict checking, thus causing errors.

It was affected when you installed via gem command.

warn when backed-up conf file will be included

There is a case that unintentionally backed-up conf file will be loaded by wild card @include.

It will help to detect such a careless mistakes by warning.

For example, if you include configuration file by @include conf/*.conf, and there are unintentionally backed-up file exists (conf/dummy.bak.conf), usually it causes startup failures.

In this release, it detects such a case as a warning.

$ fluentd -c wildcard_include.conf --dry-run
2026-02-12 17:41:39 +0900 [info]: init supervisor logger path=nil rotate_age=nil rotate_size=nil
2026-02-12 17:41:39 +0900 [warn]: There is a possibility that '@include conf/*.conf' includes duplicated backed-up config file such as <dummy.bak.conf>
2026-02-12 17:41:39 +0900 [info]: parsing config file is succeeded path="wildcard_include.conf"
2026-02-12 17:41:39 +0900 [info]: configuration include directory is disabled
2026-02-12 17:41:39 +0900 [info]: gem 'fluentd' version '1.19.0'
2026-02-12 17:41:39 +0900 [info]: starting fluentd-1.19.0 as dry run mode ruby="3.4.8"
2026-02-12 17:41:39 +0900 [info]: using configuration file: <ROOT>
  <system>
    config_include_dir ""
  </system>
  <source>
    @type forward
  </source>
  <source>
    @type forward
  </source>
</ROOT>
2026-02-12 17:41:39 +0900 [info]: finished dry run mode

Enjoy logging!

Follow us on X

We have been posting information about Fluentd in Japanese on @fluentd_jp. We would appreciate it if you followed the X account.

Read More

View Full Archive

About Fluentd

Fluentd is an open source data collector to simplify log management.

Announcement Topics

2025-12-25: Drop schedule announcement about EOL of Fluent Package (fluent-package) 5

2025-09-04: Upgrade Guide for fluent-package v6

2024-08-29: Scheduled support lifecycle announcement about Fluent Package v6

2023-08-29: Drop schedule announcement about EOL of Treasure Agent (td-agent) 4

2023-08-29: Scheduled support lifecycle announcement about Fluent Package

2023-07-31: Upgrade to fluent-package v5

Recent Posts

2026-06-26: fluent-package v6.0.4 has been released

2026-06-25: Fluentd v1.19.3 has been released

2026-03-27: fluent-package v6.0.3 has been released

2026-02-27: fluent-package v6.0.2 has been released

2026-02-13: Fluentd v1.19.2 has been released

2025-12-25: Drop schedule announcement about EOL of Fluent Package (fluent-package) 5

2025-12-19: fluent-package v5.0.9 has been released

2025-12-09: Fluentd v1.16.11 has been released

2025-11-11: fluent-package v6.0.1 has been released

2025-11-06: Fluentd v1.19.1 has been released

View Full Archive

Learn

Want to learn the basics of Fluentd? Check out these pages.

Ask the Community

Couldn't find enough information? Let's ask the community!

Ask the Experts

You need commercial-grade support from Fluentd committers and experts?

Follow Us!


About

Fluentd is an open source data collector, which lets you unify the data collection and consumption for a better use and understanding of data.

Monthly Newsletter

Subscribe to our newsletter and stay up to date!

Community

Fluentd is a Cloud Native Computing Foundation (CNCF) graduated project. All components are available under the Apache 2 License.

Recent Posts

Visit recent

Community

Stay Connected

©2010-2026 Fluentd Project. ALL Rights Reserved.
Fluentd is a hosted project under the Cloud Native Computing Foundation (CNCF). All components are available under the Apache 2 License.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our Trademark Usage page.