Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Backport 1.x] Bump Tika from 2.4.0 to 2.5.0 addressing CVE-2022-33879 #4929

Merged
merged 2 commits into from
Oct 26, 2022
Merged

[Backport 1.x] Bump Tika from 2.4.0 to 2.5.0 addressing CVE-2022-33879 #4929

merged 2 commits into from
Oct 26, 2022

Conversation

VachaShah
Copy link
Collaborator

Description

Backport #4791 to 1.x

Issues Resolved

[List any issues this PR will resolve]

Check List

  • New functionality includes testing.
    • All tests pass
  • New functionality has been documented.
    • New functionality has javadoc added
  • Commits are signed per the DCO using --signoff
  • Commit changes are listed out in CHANGELOG.md file (See: Changelog)

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@mch2 @VachaShah
Bump Tika from 2.4.0 to 2.5.0 addressing CVE-2022-33879. (opensearch-…
36a9910 
…project#4791)

* Bump Tika from 2.4.0 to 2.5.0 addressing CVE-2022-33879.

Signed-off-by: Marc Handalian <handalm@amazon.com>

* Add missing SHAs.

Signed-off-by: Marc Handalian <handalm@amazon.com>

* Update changelog with PR info.

Signed-off-by: Marc Handalian <handalm@amazon.com>

Signed-off-by: Marc Handalian <handalm@amazon.com>
Signed-off-by: Vacha Shah <vachshah@amazon.com>
@VachaShah VachaShah requested review from a team and reta as code owners October 26, 2022 06:15
@VachaShah VachaShah changed the title 1.x [Backport 1.x] Bump Tika from 2.4.0 to 2.5.0 addressing CVE-2022-33879 Oct 26, 2022
@VachaShah
Update CHANGELOG
bdfeac6 
Signed-off-by: Vacha Shah <vachshah@amazon.com>
@github-actions
Copy link
Contributor

Gradle Check (Jenkins) Run Completed with:

@github-actions
Copy link
Contributor

Gradle Check (Jenkins) Run Completed with:

@codecov-commenter
Copy link

Codecov Report

Merging #4929 (bdfeac6) into 1.x (7dd9b2a) will increase coverage by 0.04%.
The diff coverage is n/a.

@@             Coverage Diff              @@
##                1.x    #4929      +/-   ##
============================================
+ Coverage     77.86%   77.91%   +0.04%     
- Complexity    63433    63479      +46     
============================================
  Files          4453     4453              
  Lines        275011   275011              
  Branches      41172    41172              
============================================
+ Hits         214137   214268     +131     
+ Misses        43933    43829     -104     
+ Partials      16941    16914      -27
Impacted Files Coverage Δ
...ava/org/opensearch/action/NoSuchNodeException.java 0.00% <0.00%> (-50.00%) ⬇️
...java/org/opensearch/script/ScriptContextStats.java 33.33% <0.00%> (-40.01%) ⬇️
.../opensearch/index/stats/IndexingPressureStats.java 61.03% <0.00%> (-35.07%) ⬇️
...search/index/stats/ShardIndexingPressureStats.java 42.30% <0.00%> (-30.77%) ⬇️
.../opensearch/common/breaker/NoopCircuitBreaker.java 61.53% <0.00%> (-30.77%) ⬇️
.../opensearch/indices/InvalidAliasNameException.java 62.50% <0.00%> (-25.00%) ⬇️
...va/org/opensearch/monitor/process/ProcessInfo.java 68.00% <0.00%> (-24.00%) ⬇️
...adcast/BroadcastShardOperationFailedException.java 77.77% <0.00%> (-22.23%) ⬇️
...ain/java/org/opensearch/http/nio/ByteBufUtils.java 42.85% <0.00%> (-19.05%) ⬇️
.../search/aggregations/bucket/range/ParsedRange.java 72.50% <0.00%> (-18.75%) ⬇️
... and 454 more

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@VachaShah VachaShah requested a review from mch2 October 26, 2022 06:46
@reta reta merged commit c3d23ca into opensearch-project:1.x Oct 26, 2022
@ryanbogan ryanbogan added the backport 1.3 Backport to 1.3 branch label Jan 26, 2023
@ryanbogan ryanbogan mentioned this pull request Jan 27, 2023
Closed
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@reta reta reta approved these changes

@mch2 mch2 Awaiting requested review from mch2 mch2 is a code owner

Assignees
No one assigned
Labels
backport 1.3 Backport to 1.3 branch
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@VachaShah @codecov-commenter @reta @ryanbogan @mch2