[Launchpad-reviewers] [Merge] ~pelpsi/turnip:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into turnip:master

Simone Pelosi Fri, 31 Mar 2023 08:03:32 -0700

Simone Pelosi has proposed merging 
~pelpsi/turnip:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into 
turnip:master.


Commit message:
Upgraded gunicorn to fix HTTP request smuggling vulnerability
    
A penetration test found that our gunicorn version is vulnerable, version 
20.1.0 should be safe.


Requested reviews:
  Launchpad code reviewers (launchpad-reviewers)

For more details, see:
https://code.launchpad.net/~pelpsi/turnip/+git/turnip/+merge/440169
-- 
Your team Launchpad code reviewers is requested to review the proposed merge of 
~pelpsi/turnip:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into 
turnip:master.

diff --git a/requirements.txt b/requirements.txt
index 8d5734d..c9bc202 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -22,7 +22,7 @@ future==0.18.2
 gevent==20.6.2
 gmpy==1.17
 greenlet==0.4.16
-gunicorn==19.3.0
+gunicorn==20.1.0
 hyperlink==19.0.0
 idna==2.9
 importlib_metadata==1.7.0

_______________________________________________
Mailing list: https://launchpad.net/~launchpad-reviewers
Post to     : launchpad-reviewers@lists.launchpad.net
Unsubscribe : https://launchpad.net/~launchpad-reviewers
More help   : https://help.launchpad.net/ListHelp

[Launchpad-reviewers] [Merge] ~pelpsi/turnip:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into turnip:master

Reply via email to