Skip to content

Commit

Permalink
Upgrade logback-classic to address CVE CVE-2023-6378 (opensearch-proj…
Browse files Browse the repository at this point in the history 
…ect#3801)

### Description
Force resolve logback-classic to 1.3.12 to address
GHSA-vmq6-5m68-f53m

### Issues Resolved
[List any issues this PR will resolve]

Is this a backport? If so, please add backport PR # and/or commits #

### Testing
[Please provide details of testing done: unit testing, integration
testing and manual testing]

### Check List
- [ ] New functionality includes testing
- [ ] New functionality has been documented
- [ ] Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and
signing off your commits, please check
[here](https://github.com/opensearch-project/OpenSearch/blob/main/CONTRIBUTING.md#developer-certificate-of-origin).

Signed-off-by: Derek Ho <[email protected]>
  • Loading branch information
@derek-ho
derek-ho authored Dec 5, 2023
1 parent 256d456 commit 2abd71b
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -497,6 +497,7 @@ configurations {
force "org.apache.httpcomponents:httpcore:4.4.16"
force "com.google.errorprone:error_prone_annotations:2.23.0"
force "org.checkerframework:checker-qual:3.40.0"
force "ch.qos.logback:logback-classic:1.3.12"
}
}

Expand Down

0 comments on commit 2abd71b

Please sign in to comment.