Simone Pelosi has proposed merging ~pelpsi/lp-signing/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into ~launchpad/lp-signing/+git/dependencies:master.
Commit message: Upgraded gunicorn to fix HTTP request smuggling vulnerability A penetration test found that our gunicorn version is vulnerable, version 20.1.0 should be safe. Requested reviews: Launchpad code reviewers (launchpad-reviewers) For more details, see: https://code.launchpad.net/~pelpsi/lp-signing/+git/dependencies/+merge/440165 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~pelpsi/lp-signing/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into ~launchpad/lp-signing/+git/dependencies:master.
diff --git a/gunicorn-20.1.0.tar.gz b/gunicorn-20.1.0.tar.gz new file mode 100644 index 0000000..b5da493 Binary files /dev/null and b/gunicorn-20.1.0.tar.gz differ
_______________________________________________ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp