Skip to content

[CVE-2023-25806] Flatten response times #2471

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Feb 23, 2023
Merged

[CVE-2023-25806] Flatten response times #2471

merged 2 commits into from
Feb 23, 2023

Conversation

@stephen-crawford
Copy link
Contributor

@stephen-crawford stephen-crawford commented Feb 22, 2023
edited by peternied
Loading

Description

Flattens response times in InternalAuthBackend

This pull request resolves CVE-2023-25806 [link]

Testing

Adds a new set of tests in InternalAuthBackendTests.java

Check List

  • New functionality includes testing
  • New functionality has been documented
  • Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@stephen-crawford
Flatten response times
fbb1ee8 
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
@stephen-crawford stephen-crawford added backport 1.x backport to 1.x branch backport 1.3 backport to 1.3 branch backport 2.x backport 2.6 backport to 2.6 branch labels Feb 22, 2023
@stephen-crawford
Spotless
8f292b5 
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
@stephen-crawford stephen-crawford removed the backport 2.6 backport to 2.6 branch label Feb 22, 2023
@peternied peternied merged commit 2df8acd into opensearch-project:main Feb 23, 2023
opensearch-trigger-bot bot pushed a commit that referenced this pull request Feb 23, 2023
@stephen-crawford @github-actions
Flatten response times (#2471)
d65bdcd 
(cherry picked from commit 2df8acd)
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Feb 23, 2023
Merged
opensearch-trigger-bot bot pushed a commit that referenced this pull request Feb 23, 2023
@stephen-crawford @github-actions
Flatten response times (#2471)
9034860 
(cherry picked from commit 2df8acd)
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Feb 23, 2023
Merged
opensearch-trigger-bot bot pushed a commit that referenced this pull request Feb 23, 2023
@stephen-crawford @github-actions
Flatten response times (#2471)
74dad88 
(cherry picked from commit 2df8acd)
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Feb 23, 2023
Merged
peternied pushed a commit that referenced this pull request Feb 23, 2023
@opensearch-trigger-bot @stephen-crawford
Flatten response times (#2471) (#2476)
5f4cbc4 
(cherry picked from commit 2df8acd)

Co-authored-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
peternied pushed a commit that referenced this pull request Feb 23, 2023
@opensearch-trigger-bot @stephen-crawford
Flatten response times (#2471) (#2475)
faaa5ad 
(cherry picked from commit 2df8acd)

Co-authored-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
stephen-crawford added a commit that referenced this pull request Feb 27, 2023
@opensearch-trigger-bot @stephen-crawford @cwperks
Flatten response times (#2471) (#2477)
9919146 
(cherry picked from commit 2df8acd)

Co-authored-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
Co-authored-by: Craig Perkins <cwperx@amazon.com>
@peternied peternied changed the title Flatten response times [CVE-2023-25806] Flatten response times Mar 1, 2023
@stephen-crawford stephen-crawford deleted the flatten-response-times branch March 2, 2023 15:00
Rishikesh1159 added a commit to Rishikesh1159/security that referenced this pull request Mar 15, 2023
@Rishikesh1159
Revert "Flatten response times (opensearch-project#2471) (opensearch-…
6af9aed 
…project#2477)"

This reverts commit 9919146.
MaciejMierzwa pushed a commit to MaciejMierzwa/security that referenced this pull request Apr 27, 2023
@stephen-crawford @MaciejMierzwa
Flatten response times (opensearch-project#2471)
0c0d4d4 
Signed-off-by: Maciej Mierzwa <dev.maciej.mierzwa@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@peternied peternied peternied approved these changes

@RyanL1997 RyanL1997 RyanL1997 approved these changes

@cliu123 cliu123 Awaiting requested review from cliu123

@cwperks cwperks Awaiting requested review from cwperks cwperks is a code owner

@DarshitChanpura DarshitChanpura Awaiting requested review from DarshitChanpura DarshitChanpura is a code owner

@davidlago davidlago Awaiting requested review from davidlago

Assignees

No one assigned

Labels

backport 1.x backport to 1.x branch backport 1.3 backport to 1.3 branch

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@stephen-crawford @peternied @RyanL1997