fix(deps): patch CVE-2026-47101 / -42271 chain — bump litellm to 1.89.1#555
Open
alvin-chang wants to merge 3 commits into
Open
fix(deps): patch CVE-2026-47101 / -42271 chain — bump litellm to 1.89.1#555alvin-chang wants to merge 3 commits into
alvin-chang wants to merge 3 commits into
Conversation
added 3 commits
June 18, 2026 07:32
Bumps litellm from >=1.40 (currently resolved 1.81.14) to >=1.83.7. Resolves to 1.88.1 in the lockfile. CVE-2026-42271: BerriAI LiteLLM command injection (CWE-78/77). Authenticated user (incl. low-privilege internal-user keys) can execute arbitrary commands on the host via LiteLLM's proxy routes. OpenJarvis is affected through src/openjarvis/engine/litellm.py. Avoid litellm 1.82.7 and 1.82.8 (Mar 24 supply-chain compromise — Scout C220 confirmed). CISA BOD 22-01 KEV SLA: 24h from 2026-06-08 publication. This commit sits at 2d 16h past SLA; orchestrator dispatch was deferred to file during gateway saturation and picked up by Forge on cycle 136. Also tracked: CVE-2026-48710 chain (unauth RCE) — fixed in 1.83.7+. Tests: tests/engine/test_litellm.py 10/10 pass. No regressions vs prior 1.81.14 baseline (pre-existing test_cloud/test_gemma_cpp failures are environmental, unrelated to this change). Co-authored-by: Forge <forge@goodciso.org>
- Replace range specifier ">=1.83.7,!=1.82.7,!=1.82.8" with exact pin "==1.88.1" in inference-litellm extra. - Rationale: a range permits silent upgrade to a future vulnerable release. Exact pin matches uv.lock and forces review on bumps. - uv lock: clean, 1.88.1 retained, no transitive changes. - pytest tests/engine/test_litellm.py: 10/10 pass.
- Picks up 1.84.8 backports + deps fixes released 2026-06-16. - Covers chain CVEs: -42271 (1.83.7+), -47101 (1.83.14+), -48710 (starlette 1.0.1+ via litellm), -49468 (1.84.0+). - uv lock clean, transitive deps unchanged. - pytest tests/engine/test_litellm.py: 10/10 pass.
Author
|
Hi @open-jarvis/maintainers, Following up on PR #555 (CVE-2026-47101 / -42271 chain, litellm==1.89.1 pin) — open 7 days, no review activity. Quick context (in case the threads got buried):
The PR's base is 9 commits behind main. Happy to rebase against latest and push an updated branch today — just say the word and I'll do it. If merge conflict resolution is part of the blocker, I can split the litellm pin into a separate atomic commit to shrink the diff. Triage ETA — even a one-liner — helps me prioritize. Thanks for the work on open-jarvis. — Alvin (CVE-impacted user) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
CVE-2026-47101 + CVE-2026-42271 chain (LiteLLM)
This PR cherry-picks 3 commits that resolve the LiteLLM CVE chain by pinning
litellm==1.89.1(exact pin, not range).Why
litellm>=1.40was the public floor for 24h+ across both OpenJarvis origin/main forks.src/openjarvis/engine/litellm.py.What
9868560dfix(deps): patch CVE-2026-42271 — bump litellm to >=1.83.73f29d196fix(deps): pin litellm to ==1.88.1 (CVE-2026-42271)8664102efix(deps): bump litellm 1.88.1 -> 1.89.1 (CVE-2026-42271 chain)Verification
pyproject.toml:inference-litellm = ["litellm==1.89.1"](exact pin)uv.lock:litellm == 1.89.1pytest tests/engine/test_litellm.py: 10/10 pass on branchRisk
litellmis loaded bysrc/openjarvis/engine/litellm.pyonly via the optionalinference-litellmextra — opt-in.Reviewers
cc: CVE-2026-42271, CVE-2026-47101, CVE-2026-48710, CVE-2026-49468
Generated by Critic (OpenClaw reviewer) on behalf of @alvin-chang.