From ef343d769439f510aba6f20b7746bbcf5f42e377 Mon Sep 17 00:00:00 2001
From: Poojita Raj <poojiraj@amazon.com>
Date: Thu, 21 Sep 2023 06:20:23 -0700
Subject: [PATCH] Bump version of jgit to 6.7.0.202309050840-r to fix
 CVE-2023-4759 (#10147)

* change dependency version of jgit

Signed-off-by: Poojita Raj <poojiraj@amazon.com>

* add changelog

Signed-off-by: Poojita Raj <poojiraj@amazon.com>

---------

Signed-off-by: Poojita Raj <poojiraj@amazon.com>
---
 CHANGELOG.md          | 3 ++-
 buildSrc/build.gradle | 4 ++++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 10205ae20c001..18b675c264718 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -42,6 +42,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 - Bump `org.bouncycastle:bcpkix-jdk15on` to `org.bouncycastle:bcpkix-jdk15to18` version 1.75 ([#8247](https://github.com/opensearch-project/OpenSearch/pull/8247))
 - Bump JNA version from 5.5 to 5.13 ([#9963](https://github.com/opensearch-project/OpenSearch/pull/9963))
 - Bumps jetty version to 9.4.52.v20230823 to fix GMS-2023-1857 ([#9822](https://github.com/opensearch-project/OpenSearch/pull/9822))
+- Bump `org.eclipse.jgit` from 6.5.0 to 6.7.0 ([#10147](https://github.com/opensearch-project/OpenSearch/pull/10147))
 
 ### Changed
 - [CCR] Add getHistoryOperationsFromTranslog method to fetch the history snapshot from translogs ([#3948](https://github.com/opensearch-project/OpenSearch/pull/3948))
@@ -110,4 +111,4 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 ### Security
 
 [Unreleased 3.0]: https://github.com/opensearch-project/OpenSearch/compare/2.x...HEAD
-[Unreleased 2.x]: https://github.com/opensearch-project/OpenSearch/compare/2.11...2.x
\ No newline at end of file
+[Unreleased 2.x]: https://github.com/opensearch-project/OpenSearch/compare/2.11...2.x
diff --git a/buildSrc/build.gradle b/buildSrc/build.gradle
index 3dc689795151b..8fbd7cf7770fb 100644
--- a/buildSrc/build.gradle
+++ b/buildSrc/build.gradle
@@ -133,6 +133,10 @@ dependencies {
   integTestImplementation('org.spockframework:spock-core:2.3-groovy-3.0') {
     exclude module: "groovy"
   }
+  implementation('org.ajoberstar.grgit:grgit-core:5.2.0') {
+    exclude group: 'org.eclipse.jgit', module: 'org.eclipse.jgit'
+  }
+  implementation 'org.eclipse.jgit:org.eclipse.jgit:6.7.0.202309050840-r'
 }
 
 configurations.all {