Skip to content

Fixed CVE-2026-33871 and CVE-2026-33870.#1685

Merged
peterzhuamazon merged 1 commit intoopensearch-project:mainfrom
AWSHurneyt:main-v3.6-cves
Apr 1, 2026
Merged

Fixed CVE-2026-33871 and CVE-2026-33870.#1685
peterzhuamazon merged 1 commit intoopensearch-project:mainfrom
AWSHurneyt:main-v3.6-cves

Conversation

@AWSHurneyt
Copy link
Copy Markdown
Collaborator

@AWSHurneyt AWSHurneyt commented Apr 1, 2026

Description

Updated security analytics commons jar following CVE-2026-33871 and CVE-2026-33870 fixes in https://github.com/opensearch-project/security-analytics-commons/pull/33.

Related Issues

Resolves #[Issue number to be closed when this PR is merged]

Check List

  • New functionality includes testing.
  • New functionality has been documented.
  • API changes companion pull request created.
  • Commits are signed per the DCO using --signoff.
  • Public documentation issue/PR created.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@AWSHurneyt
Updated security analytics commons jar.
10f5949 
Signed-off-by: Thomas Hurney <hurneyt@amazon.com>
@AWSHurneyt AWSHurneyt marked this pull request as ready for review April 1, 2026 20:48
@peterzhuamazon peterzhuamazon merged commit 3741b55 into opensearch-project:main Apr 1, 2026
17 of 18 checks passed
opensearch-trigger-bot bot pushed a commit that referenced this pull request Apr 1, 2026
@github-actions
Updated security analytics commons jar. (#1685)
37cfa00 
Signed-off-by: Thomas Hurney <hurneyt@amazon.com>
(cherry picked from commit 3741b55)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Apr 1, 2026
Merged
peterzhuamazon pushed a commit that referenced this pull request Apr 1, 2026
@opensearch-trigger-bot @github-actions
Updated security analytics commons jar. (#1685) (#1686)
9a3cbac 
(cherry picked from commit 3741b55)

Signed-off-by: Thomas Hurney <hurneyt@amazon.com>
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@peterzhuamazon peterzhuamazon peterzhuamazon approved these changes

@toepkerd toepkerd toepkerd approved these changes

@amsiglan amsiglan Awaiting requested review from amsiglan amsiglan is a code owner

@getsaurabh02 getsaurabh02 Awaiting requested review from getsaurabh02 getsaurabh02 is a code owner

@lezzago lezzago Awaiting requested review from lezzago lezzago is a code owner

@praveensameneni praveensameneni Awaiting requested review from praveensameneni praveensameneni is a code owner

@sbcd90 sbcd90 Awaiting requested review from sbcd90 sbcd90 is a code owner

@eirsep eirsep Awaiting requested review from eirsep eirsep is a code owner

@jowg-amazon jowg-amazon Awaiting requested review from jowg-amazon jowg-amazon is a code owner

@engechas engechas Awaiting requested review from engechas engechas is a code owner

@goyamegh goyamegh Awaiting requested review from goyamegh goyamegh is a code owner

@riysaxen-amzn riysaxen-amzn Awaiting requested review from riysaxen-amzn riysaxen-amzn is a code owner

Assignees

No one assigned

Labels

backport 3.6

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@AWSHurneyt @peterzhuamazon @toepkerd