From b23f0c17cc8380af5522a1081ff23ad90cbda3dd Mon Sep 17 00:00:00 2001 From: Gagan Juneja Date: Mon, 9 Dec 2024 21:32:28 +0530 Subject: [PATCH] Fixes CVE-2024-7254 (#773) * fixes CVE Signed-off-by: Gagan Juneja * fixes CVE Signed-off-by: Gagan Juneja --------- Signed-off-by: Gagan Juneja Co-authored-by: Gagan Juneja --- build.gradle | 2 +- ...ensearch-performance-analyzer.release-notes-1.3.20.0.md | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 release-notes/opensearch-performance-analyzer.release-notes-1.3.20.0.md diff --git a/build.gradle b/build.gradle index 08bb985f..b82cc3cf 100644 --- a/build.gradle +++ b/build.gradle @@ -246,7 +246,7 @@ dependencies { compile(group: 'com.google.errorprone', name: 'error_prone_annotations', version: '2.9.0') { force = 'true' } - compile(group: 'com.google.protobuf', name:'protobuf-java', version: '3.21.8') { + compile(group: 'com.google.protobuf', name:'protobuf-java', version: '3.25.5') { force = 'true' } compile("io.netty:netty-buffer:${nettyVersion}") { diff --git a/release-notes/opensearch-performance-analyzer.release-notes-1.3.20.0.md b/release-notes/opensearch-performance-analyzer.release-notes-1.3.20.0.md new file mode 100644 index 00000000..c1322f5b --- /dev/null +++ b/release-notes/opensearch-performance-analyzer.release-notes-1.3.20.0.md @@ -0,0 +1,7 @@ +## Version 1.3.20 Release Notes + +Compatible with OpenSearch 1.3.20 + +### Infrastructure + +* Upgrade protobuf version to 3.25.5 ([#773](https://github.com/opensearch-project/performance-analyzer/pull/773))