Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CVE fixes #3385

Merged
merged 2 commits into from
Sep 26, 2023
Merged

CVE fixes #3385

merged 2 commits into from
Sep 26, 2023

Conversation

asifsmohammed
Copy link
Collaborator

@asifsmohammed asifsmohammed commented Sep 26, 2023

Description

Fixes CVE-2022-36944, WS-2023-0116, CVE-2021-39194, CVE-2023-3635, CVE-2023-36479, CVE-2023-40167, WS-2023-0236

Issues Resolved

Check List

  • New functionality includes testing.
  • New functionality has a documentation issue. Please link to it in this PR.
    • New functionality has javadoc added
  • Commits are signed with a real name per the DCO

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

CVE-2022-36944, WS-2023-0116, CVE-2021-39194, CVE-2023-3635, CVE-2023-36479, CVE-2023-40167

Signed-off-by: Asif Sohail Mohammed <[email protected]>
Signed-off-by: Asif Sohail Mohammed <[email protected]>
oeyh
oeyh previously approved these changes Sep 26, 2023
Signed-off-by: Asif Sohail Mohammed <[email protected]>
Signed-off-by: Asif Sohail Mohammed <[email protected]>
@asifsmohammed asifsmohammed merged commit 5fdf95f into opensearch-project:main Sep 26, 2023
48 of 49 checks passed
@opensearch-trigger-bot
Copy link
Contributor

The backport to 2.4 failed:

The process '/usr/bin/git' failed with exit code 1

To backport manually, run these commands in your terminal:

# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add .worktrees/backport-2.4 2.4
# Navigate to the new working tree
cd .worktrees/backport-2.4
# Create a new branch
git switch --create backport/backport-3385-to-2.4
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 5fdf95fa368cbf6a51aef44135e8e909d9fc58f9
# Push it to GitHub
git push --set-upstream origin backport/backport-3385-to-2.4
# Go back to the original working tree
cd ../..
# Delete the working tree
git worktree remove .worktrees/backport-2.4

Then, create a pull request where the base branch is 2.4 and the compare/head branch is backport/backport-3385-to-2.4.

asifsmohammed added a commit to asifsmohammed/data-prepper that referenced this pull request Sep 27, 2023
* CVE fixes
CVE-2022-36944, WS-2023-0116, CVE-2021-39194, CVE-2023-3635, CVE-2023-36479, CVE-2023-40167

Signed-off-by: Asif Sohail Mohammed <[email protected]>

* Fix WS-2023-0236

Signed-off-by: Asif Sohail Mohammed <[email protected]>

---------

Signed-off-by: Asif Sohail Mohammed <[email protected]>
(cherry picked from commit 5fdf95f)
asifsmohammed added a commit to asifsmohammed/data-prepper that referenced this pull request Sep 27, 2023
* CVE fixes
CVE-2022-36944, WS-2023-0116, CVE-2021-39194, CVE-2023-3635, CVE-2023-36479, CVE-2023-40167

Signed-off-by: Asif Sohail Mohammed <[email protected]>

* Fix WS-2023-0236

Signed-off-by: Asif Sohail Mohammed <[email protected]>

---------

Signed-off-by: Asif Sohail Mohammed <[email protected]>
(cherry picked from commit 5fdf95f)
asifsmohammed added a commit that referenced this pull request Sep 27, 2023
* CVE fixes
CVE-2022-36944, WS-2023-0116, CVE-2021-39194, CVE-2023-3635, CVE-2023-36479, CVE-2023-40167

Signed-off-by: Asif Sohail Mohammed <[email protected]>

* Fix WS-2023-0236

Signed-off-by: Asif Sohail Mohammed <[email protected]>

---------

Signed-off-by: Asif Sohail Mohammed <[email protected]>
(cherry picked from commit 5fdf95f)
asifsmohammed added a commit to asifsmohammed/data-prepper that referenced this pull request Sep 27, 2023
* CVE fixes
CVE-2022-36944, WS-2023-0116, CVE-2021-39194, CVE-2023-3635, CVE-2023-36479, CVE-2023-40167

Signed-off-by: Asif Sohail Mohammed <[email protected]>

* Fix WS-2023-0236

Signed-off-by: Asif Sohail Mohammed <[email protected]>

---------

Signed-off-by: Asif Sohail Mohammed <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants