[Backport][1.3] Upgrade BouncyCastle from 1.75 to 1.78.1 (CVE-2024-30172, CVE-2024-30171 and CVE-2024-29857)

Open mwilso3 opened this issue 1 year ago • 15 comments

Description

Backporting all BouncyCastle upgrades from 1.75 to 1.78.1.

Related Issues

Resolves CVE-2024-30172, CVE-2024-30171 and CVE-2024-29857.

Check List

  • [x] Failing checks are inspected and point to the corresponding known issue(s) (See: Troubleshooting Failing Builds)
  • [x] Commits are signed per the DCO using --signoff
  • [x] Commit changes are listed out in CHANGELOG.md file (See: Changelog)
  • [x] Public documentation issue/PR created

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check here.

mwilso3 avatar May 01 '24 05:05 mwilso3

Gradle Check (Jenkins) Run Completed with:

  • RESULT: FAILURE :x:
  • URL: https://build.ci.opensearch.org/job/gradle-check/38121/
  • CommitID: 6115adcf56d444ecf026c2cceeab820f6c386445

github-actions[bot] avatar May 01 '24 05:05 github-actions[bot]

Gradle Check (Jenkins) Run Completed with:

  • RESULT: FAILURE :x:
  • URL: https://build.ci.opensearch.org/job/gradle-check/38122/
  • CommitID: 4ab9346eee78732e13a16248b4dabdf861fb415d

github-actions[bot] avatar May 01 '24 06:05 github-actions[bot]

Gradle Check (Jenkins) Run Completed with:

  • RESULT: FAILURE :x:
  • URL: https://build.ci.opensearch.org/job/gradle-check/38123/
  • CommitID: 4819872c7d917f4a26c28a487e09c17f5b6a8c36

github-actions[bot] avatar May 01 '24 06:05 github-actions[bot]

Gradle Check (Jenkins) Run Completed with:

  • RESULT: FAILURE :x:
  • URL: https://build.ci.opensearch.org/job/gradle-check/38124/
  • CommitID: 83aab52fe746b559334e8dd5d0d5deb639417e79

github-actions[bot] avatar May 01 '24 06:05 github-actions[bot]

Gradle Check (Jenkins) Run Completed with:

  • RESULT: FAILURE :x:
  • URL: https://build.ci.opensearch.org/job/gradle-check/38125/
  • CommitID: 2faec2e2556e93690590f8630264d7e6ae333b71

github-actions[bot] avatar May 01 '24 06:05 github-actions[bot]

Gradle Check (Jenkins) Run Completed with:

  • RESULT: FAILURE :x:
  • URL: https://build.ci.opensearch.org/job/gradle-check/38126/
  • CommitID: c04d0b9d0218f7c79174ae73ce56d8c5acf56ac3

github-actions[bot] avatar May 01 '24 06:05 github-actions[bot]

Gradle Check (Jenkins) Run Completed with:

  • RESULT: FAILURE :x:
  • URL: https://build.ci.opensearch.org/job/gradle-check/38171/
  • CommitID: cb42a5527715f36dd9779ab9707a8002855b6ecc

github-actions[bot] avatar May 01 '24 22:05 github-actions[bot]

Gradle Check (Jenkins) Run Completed with:

  • RESULT: FAILURE :x:
  • URL: https://build.ci.opensearch.org/job/gradle-check/38172/
  • CommitID: d1969d322ee808aa875f072a80690271e38c6fd0

github-actions[bot] avatar May 01 '24 22:05 github-actions[bot]

Gradle Check (Jenkins) Run Completed with:

  • RESULT: FAILURE :x:
  • URL: https://build.ci.opensearch.org/job/gradle-check/38188/
  • CommitID: 61b9605547f5fcb855c29cd93c98a4b20741d8ba

github-actions[bot] avatar May 02 '24 05:05 github-actions[bot]

Gradle Check (Jenkins) Run Completed with:

  • RESULT: FAILURE :x:
  • URL: https://build.ci.opensearch.org/job/gradle-check/38187/
  • CommitID: 7e32318932b3b125177849dda541e1f5ba626200

github-actions[bot] avatar May 02 '24 05:05 github-actions[bot]

Gradle Check (Jenkins) Run Completed with:

  • RESULT: FAILURE :x:
  • URL: https://build.ci.opensearch.org/job/gradle-check/38263/
  • CommitID: 8c43d5dadbf633621df2b1b6a4a93872f55a5d89

github-actions[bot] avatar May 03 '24 04:05 github-actions[bot]

Alrighty, build should be good - passing locally. Should be good for final review.

Post merge, how are releases co-ordinated and what's the cadence like with patch releases?

@reta @dblock @bbarani

mwilso3 avatar May 03 '24 04:05 mwilso3

Gradle Check (Jenkins) Run Completed with:

  • RESULT: FAILURE :x:
  • URL: https://build.ci.opensearch.org/job/gradle-check/38264/
  • CommitID: 79bb137b5cdba4e82df62ef8b79015235a79bf4e

github-actions[bot] avatar May 03 '24 04:05 github-actions[bot]

Gradle Check (Jenkins) Run Completed with:

  • RESULT: UNSTABLE :white_check_mark:
  • URL: https://build.ci.opensearch.org/job/gradle-check/38266/
  • CommitID: fd1a38932e24c2e99a8830a9ddcede4f59360442

github-actions[bot] avatar May 03 '24 04:05 github-actions[bot]

Gradle Check (Jenkins) Run Completed with:

  • RESULT: SUCCESS :white_check_mark:
  • URL: https://build.ci.opensearch.org/job/gradle-check/38267/
  • CommitID: 230a392247a74e17c9c0fc26081dd01a33702c92

github-actions[bot] avatar May 03 '24 04:05 github-actions[bot]

> Post merge, how are releases co-ordinated and what's the cadence like with patch releases?

Thanks a lot @mwilso3 , please check [1] for release schedules.

[1] https://opensearch.org/releases.html

reta avatar May 03 '24 11:05 reta

Gradle Check (Jenkins) Run Completed with:

  • RESULT: SUCCESS :white_check_mark:
  • URL: https://build.ci.opensearch.org/job/gradle-check/38348/
  • CommitID: c76ea32d7e0d8d00f27f46738ae9e0e4f1e2683a

github-actions[bot] avatar May 05 '24 23:05 github-actions[bot]