Merge pull request #696 from folio-org/MSEARCH-889-opensearch-2.18.0

fix(deps): MSEARCH-889: opensearch 2.18.0 fixing protobuf-java vuln (CVE-2024-7254)
folio-org · Nov 21, 2024 · c1c709e · c1c709e
2 parents 7473f32 + 6e0ef34
commit c1c709e
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/NEWS.md b/NEWS.md
@@ -17,7 +17,7 @@
 * Description ([ISSUE](https://folio-org.atlassian.net/browse/ISSUE))
 
 ### Dependencies
-* Bump `LIB_NAME` from `OLD_VERSION` to `NEW_VERSION`
+* Bump `opensearch` from `2.17.1` to `2.18.0` fixing protobuf-java CVE-2024-7254 ([MSEARCH-889](https://folio-org.atlassian.net/browse/MSEARCH-889))
 * Add `LIB_NAME VERSION`
 * Remove `LIB_NAME`
 

diff --git a/pom.xml b/pom.xml
@@ -38,7 +38,7 @@
     <folio-service-tools.version>4.2.0-SNAPSHOT</folio-service-tools.version>
     <folio-isbn-utils.version>1.7.0-SNAPSHOT</folio-isbn-utils.version>
     <folio-cql2pgjson.version>35.3.0</folio-cql2pgjson.version>
-    <opensearch.version>2.17.1</opensearch.version>
+    <opensearch.version>2.18.0</opensearch.version>
     <mapstruct.version>1.6.2</mapstruct.version>
     <apache-commons-io.version>2.17.0</apache-commons-io.version>
     <apache-commons-collections.version>4.4</apache-commons-collections.version>