Bump up commons-compress to 1.26.1 to fix CVE

[sandeshkr419]

Description

Follow-up on #12604, Bump common-compress package to 1.26.1 to fix CVE:

https://nvd.nist.gov/vuln/detail/CVE-2024-26308 NVD / Published Date:02/19/2024
https://nvd.nist.gov/vuln/detail/CVE-2024-25710 NVD / Published Date: 02/19/2024

Tika has been upgraded to latest release since any previous release were failing with required commons-compress upgrade. Also, other dependencies with ingest-attachement (with Tika) were upgraded to resolve minor future CVEs and test errors.

Related Issues

Check List

• New functionality includes testing.
  • All tests pass
• New functionality has been documented.
  • New functionality has javadoc added
• Failing checks are inspected and point to the corresponding known issue(s) (See: Troubleshooting Failing Builds)
• Commits are signed per the DCO using --signoff
• Commit changes are listed out in CHANGELOG.md file (See: Changelog)
• Public documentation issue/PR created

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[github-actions]

❌ Gradle check result for 8c8a75f: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

[github-actions]

❌ Gradle check result for 8c8a75f: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

[github-actions]

❕ Gradle check result for 86977e8: UNSTABLE

• TEST FAILURES:

      1 org.opensearch.action.admin.cluster.node.tasks.ResourceAwareTasksTests.testTaskResourceTrackingDuringTaskCancellation

Please review all flaky tests that succeeded after retry and create an issue if one does not already exist to track the flaky failure.

[github-actions]

❕ Gradle check result for 9e3ce43: UNSTABLE

• TEST FAILURES:

      1 org.opensearch.indices.replication.SegmentReplicationIT.testNodeDropWithOngoingReplication

Please review all flaky tests that succeeded after retry and create an issue if one does not already exist to track the flaky failure.

[github-actions]

❕ Gradle check result for 54b8ef9: UNSTABLE

• TEST FAILURES:

      1 org.opensearch.remotestore.RemoteStoreStatsIT.testNonZeroPrimaryStatsOnNewlyCreatedIndexWithZeroDocs

Please review all flaky tests that succeeded after retry and create an issue if one does not already exist to track the flaky failure.

[sandeshkr419]

Changes are ready for review!

[opensearch-trigger-bot]

The backport to 2.x failed:

The process '/usr/bin/git' failed with exit code 128

To backport manually, run these commands in your terminal:

# Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/OpenSearch/backport-2.x 2.x
# Navigate to the new working tree
pushd ../.worktrees/OpenSearch/backport-2.x
# Create a new branch
git switch --create backport/backport-12627-to-2.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 c00e8631b42e0a12039b8f5796e5b54f429e2a1f
# Push it to GitHub
git push --set-upstream origin backport/backport-12627-to-2.x
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/OpenSearch/backport-2.x

Then, create a pull request where the base branch is 2.x and the compare/head branch is backport/backport-12627-to-2.x.

[opensearch-trigger-bot]

The backport to 1.3 failed:

The process '/usr/bin/git' failed with exit code 128

To backport manually, run these commands in your terminal:

# Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/OpenSearch/backport-1.3 1.3
# Navigate to the new working tree
pushd ../.worktrees/OpenSearch/backport-1.3
# Create a new branch
git switch --create backport/backport-12627-to-1.3
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 c00e8631b42e0a12039b8f5796e5b54f429e2a1f
# Push it to GitHub
git push --set-upstream origin backport/backport-12627-to-1.3
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/OpenSearch/backport-1.3

Then, create a pull request where the base branch is 1.3 and the compare/head branch is backport/backport-12627-to-1.3.