Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Force version 3.29.0 of org.eclipse.core.runtime to address CVE vulnerabilities #3313

Merged
merged 1 commit into from
Jan 2, 2025
Merged

Force version 3.29.0 of org.eclipse.core.runtime to address CVE vulnerabilities #3313

merged 1 commit into from
Jan 2, 2025

Conversation

rithin-pullela-aws
Copy link
Contributor

Description

Address CVE vulnerability in plugin/build.gradle: org.eclipse.core.runtime-3.26.100.jar by forcing version 3.29.0

Related Issues

Resolves #[Issue number to be closed when this PR is merged]

Check List

  • New functionality includes testing.
  • New functionality has been documented.
  • API changes companion pull request created.
  • Commits are signed per the DCO using --signoff.
  • Public documentation issue/PR created.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@rithin-pullela-aws rithin-pullela-aws temporarily deployed to ml-commons-cicd-env-require-approval December 31, 2024 18:46 — with GitHub Actions Inactive
@rithin-pullela-aws rithin-pullela-aws temporarily deployed to ml-commons-cicd-env-require-approval December 31, 2024 18:46 — with GitHub Actions Inactive
@dhrubo-os
Copy link
Collaborator

Cool, looks like Mend Security Check is Successful. While you are working on CVE, let's look into this too: #1865

@rithin-pullela-aws rithin-pullela-aws temporarily deployed to ml-commons-cicd-env-require-approval December 31, 2024 19:45 — with GitHub Actions Inactive
@dhrubo-os dhrubo-os merged commit 7af78b0 into opensearch-project:main Jan 2, 2025
9 checks passed
opensearch-trigger-bot bot pushed a commit that referenced this pull request Jan 2, 2025
@rithin-pullela-aws @github-actions
Force version 3.29.0 of org.eclipse.core.runtime to mitigate CVE vuln…
9a423fd 
…erabilities (#3313)

Signed-off-by: rithin-pullela-aws <[email protected]>
(cherry picked from commit 7af78b0)
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Jan 2, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mingshl mingshl mingshl approved these changes

@dhrubo-os dhrubo-os dhrubo-os approved these changes

@b4sjoo b4sjoo Awaiting requested review from b4sjoo b4sjoo is a code owner

@jngz-es jngz-es Awaiting requested review from jngz-es jngz-es is a code owner

@model-collapse model-collapse Awaiting requested review from model-collapse model-collapse is a code owner

@rbhavna rbhavna Awaiting requested review from rbhavna rbhavna is a code owner

@ylwu-amzn ylwu-amzn Awaiting requested review from ylwu-amzn ylwu-amzn is a code owner

@zane-neo zane-neo Awaiting requested review from zane-neo zane-neo is a code owner

@Zhangxunmt Zhangxunmt Awaiting requested review from Zhangxunmt Zhangxunmt is a code owner

@austintlee austintlee Awaiting requested review from austintlee austintlee is a code owner

@HenryL27 HenryL27 Awaiting requested review from HenryL27 HenryL27 is a code owner

@xinyual xinyual Awaiting requested review from xinyual xinyual is a code owner

Assignees
No one assigned
Labels
backport 2.x
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@rithin-pullela-aws @dhrubo-os @mingshl