Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
…VE-2023-6378 (#4051) ### Description This change forces is a manual backport of the same type of change in #4049 . Instead of excluding the the logback-classic and logback-core transient dependencies we now just force them to be versions 1.2.13. This resolves CVE-2023-6378 ### Check List - [ ] ~New functionality includes testing~ - [ ] ~New functionality has been documented~ - [x] Commits are signed per the DCO using --signoff By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check [here](https://github.com/opensearch-project/OpenSearch/blob/main/CONTRIBUTING.md#developer-certificate-of-origin). --------- Signed-off-by: Stephen Crawford <[email protected]>
- Loading branch information