Created attachment 206739 [details]
Patch to update to 6.8.2
Update to 6.8.2
This version supports newer versions of Java, and I've run it lightly with OpenJDK 11. However, the testing has been very light and some guidance on a more robust test procedure would be appreciated.
I wasn't clear how files/logstash.conf.sample was created, but I updated it with the example included in the distribution. I can remove that if it was created separately.
This also addresses https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7612 by updating to a version which doesn't have that vulnerability.
This update should likely be done at the same time as the one in bug #239972.
Created attachment 207633 [details]
Patch to update to 6.8.3
Updated the patch so that the update is to 6.8.3
A commit references this bug:
Date: Sat Oct 5 00:26:18 UTC 2019
New revision: 513798
Update to 6.8.3
* Update to 6.8.3
* Take the distributed sample and use that as logstash.conf.sample
Approved by: maintainer timeout
Sponsored by: The FreeBSD Foundation
(In reply to Greg Lewis from comment #1)
Greg: do you have this running on FreeBSD 11.3?
I ask because of https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241312
I did have it up and running prior to committing the update. I don't have it running at the moment though. Not that I was doing anything terribly exciting with it, so it is quite possible the reporter on bug 241312 has it configured such that they experience a use case that I didn't exercise. However, I'll note that they report also seeing the same problem with logstash5, so it doesn't appear at first glance to be related to the upgrade of logstash6 but rather something that is related to what the reporter is doing.
Where you using the SSL settings = true in your config file and had it working/running? Or was it the default config that gets installed?
I was using the default configuration