Skip to content

Commit

Permalink
Backport Bouncy Castle Upgrade
Browse files Browse the repository at this point in the history
Signed-off-by: Stephen Crawford <[email protected]>
  • Loading branch information
stephen-crawford committed Feb 14, 2024
1 parent 4bcdc67 commit 228ebde
Show file tree
Hide file tree
Showing 20 changed files with 23 additions and 9 deletions.
14 changes: 14 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,21 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- Introduce query level setting `index.query.max_nested_depth` limiting nested queries ([#3268](https://github.com/opensearch-project/OpenSearch/issues/3268)

### Dependencies
- Bumps jetty version to 9.4.52.v20230823 to fix GMS-2023-1857 ([#9822](https://github.com/opensearch-project/OpenSearch/pull/9822))
- Bump `netty` from 4.1.99.Final to 4.1.100.Final ([#10564](https://github.com/opensearch-project/OpenSearch/pull/10564))
- Bump Lucene from 9.7.0 to 9.8.0 ([10276](https://github.com/opensearch-project/OpenSearch/pull/10276))
- Bump `commons-io:commons-io` from 2.13.0 to 2.14.0 ([#10294](https://github.com/opensearch-project/OpenSearch/pull/10294))
- Bump `com.google.api.grpc:proto-google-common-protos` from 2.25.0 to 2.25.1 ([#10298](https://github.com/opensearch-project/OpenSearch/pull/10298))
- Bump `de.thetaphi:forbiddenapis` from 3.5.1 to 3.6 ([#10508](https://github.com/opensearch-project/OpenSearch/pull/10508))
- Bump OpenTelemetry from 1.30.1 to 1.31.0 ([#10617](https://github.com/opensearch-project/OpenSearch/pull/10617))
- Bump `org.codehaus.woodstox:stax2-api` from 4.2.1 to 4.2.2 ([#10639](https://github.com/opensearch-project/OpenSearch/pull/10639))
- Bump `org.bouncycastle:bc-fips` from 1.0.2.3 to 1.0.2.4 ([#10297](https://github.com/opensearch-project/OpenSearch/pull/10297))
- Bump `org.apache.logging.log4j:log4j-core` from 2.20.0 to 2.21.1 ([#10858](https://github.com/opensearch-project/OpenSearch/pull/10858), [#11000](https://github.com/opensearch-project/OpenSearch/pull/11000))
- Bump `aws-actions/configure-aws-credentials` from 2 to 4 ([#10504](https://github.com/opensearch-project/OpenSearch/pull/10504))
- Bump `com.squareup.okio:okio` from 3.7.0 to 3.8.0 ([#12290](https://github.com/opensearch-project/OpenSearch/pull/12290))
- Bump `org.bouncycastle:bcprov-jdk15to18` to `org.bouncycastle:bcprov-jdk18on` version 1.77 ([#12317](https://github.com/opensearch-project/OpenSearch/pull/12317))
- Bump `org.bouncycastle:bcmail-jdk15to18` to `org.bouncycastle:bcmail-jdk18on` version 1.77 ([#12317](https://github.com/opensearch-project/OpenSearch/pull/12317))
- Bump `org.bouncycastle:bcpkix-jdk15to18` to `org.bouncycastle:bcpkix-jdk18on` version 1.77 ([#12317](https://github.com/opensearch-project/OpenSearch/pull/12317))

### Changed

Expand Down
2 changes: 1 addition & 1 deletion buildSrc/version.properties
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ reactivestreams = 1.0.4
# when updating this version, you need to ensure compatibility with:
# - plugins/ingest-attachment (transitive dependency, check the upstream POM)
# - distribution/tools/plugin-cli
bouncycastle=1.76
bouncycastle=1.77
# test dependencies
randomizedrunner = 2.7.1
junit = 4.13.2
Expand Down
2 changes: 1 addition & 1 deletion plugins/identity-shiro/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ dependencies {

implementation 'org.passay:passay:1.6.3'

implementation "org.bouncycastle:bcprov-jdk15to18:${versions.bouncycastle}"
implementation "org.bouncycastle:bcprov-jdk18on:${versions.bouncycastle}"

testImplementation project(path: ':modules:transport-netty4') // for http
testImplementation project(path: ':plugins:transport-nio') // for http
Expand Down

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
2cc971b6c20949c1ff98d1a4bc741ee848a09523
6 changes: 3 additions & 3 deletions plugins/ingest-attachment/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -71,9 +71,9 @@ dependencies {
api "org.apache.pdfbox:fontbox:${versions.pdfbox}"
api "org.apache.pdfbox:jempbox:1.8.17"
api "commons-logging:commons-logging:${versions.commonslogging}"
api "org.bouncycastle:bcmail-jdk15to18:${versions.bouncycastle}"
api "org.bouncycastle:bcprov-jdk15to18:${versions.bouncycastle}"
api "org.bouncycastle:bcpkix-jdk15to18:${versions.bouncycastle}"
api "org.bouncycastle:bcmail-jdk18on:${versions.bouncycastle}"
api "org.bouncycastle:bcprov-jdk18on:${versions.bouncycastle}"
api "org.bouncycastle:bcpkix-jdk18on:${versions.bouncycastle}"
// OpenOffice
api "org.apache.poi:poi-ooxml:${versions.poi}"
api "org.apache.poi:poi:${versions.poi}"
Expand Down

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
f2bb8aa55dc901ee8b8aae7d1007c03592d65e03

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
ed953791ba0229747dd0fd9911e3d76a462acfd3

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
2cc971b6c20949c1ff98d1a4bc741ee848a09523

0 comments on commit 228ebde

Please sign in to comment.