Update to Logback 1.4.14 in performance test and sample app to fix CV…

…E-2023-6481. Resolves #3817. (#3819) (#3820) Signed-off-by: David Venable <[email protected]> (cherry picked from commit 3d4d769) Co-authored-by: David Venable <[email protected]>
opensearch-project · Dec 7, 2023 · 78088fb · 78088fb
1 parent e9145f4
commit 78088fb
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/examples/trace-analytics-sample-app/sample-app/analytics-service/build.gradle b/examples/trace-analytics-sample-app/sample-app/analytics-service/build.gradle
@@ -31,7 +31,7 @@ configurations.all {
             details.useVersion '10.1.14'
             details.because('Fixes CVE-2023-44487')
         } else if (details.requested.group == 'ch.qos.logback') {
-            details.useVersion '1.4.12'
+            details.useVersion '1.4.14'
             details.because('Fixes CVE-2023-6378')
         }
     }

diff --git a/performance-test/build.gradle b/performance-test/build.gradle
@@ -26,13 +26,13 @@ dependencies {
     constraints {
         gatling('ch.qos.logback:logback-classic') {
             version {
-                require '1.4.12'
+                require '1.4.14'
             }
             because 'Fixes CVE-2023-6378'
         }
         gatling('ch.qos.logback:logback-core') {
             version {
-                require '1.4.12'
+                require '1.4.14'
             }
             because 'Keeps the version synced with logback-classic.'
         }