launchpad-reviewers team mailing list archive

Thread
Date

[Merge] ~pelpsi/lp-signing/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into ~launchpad/lp-signing/+git/dependencies:master

To: mp+440423@xxxxxxxxxxxxxxxxxx
From: Simone Pelosi <mp+440423@xxxxxxxxxxxxxxxxxx>
Date: Wed, 05 Apr 2023 16:30:23 -0000
Reply-to: mp+440423@xxxxxxxxxxxxxxxxxx
Sender: noreply@xxxxxxxxxxxxx

Simone Pelosi has proposed merging ~pelpsi/lp-signing/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into ~launchpad/lp-signing/+git/dependencies:master.

Commit message:
Upgraded talisker to maximize compatibility with gunicorn
    
A penetration test found that our gunicorn version is vulnerable, version 20.1.0 should be safe.


Requested reviews:
  Launchpad code reviewers (launchpad-reviewers)

For more details, see:
https://code.launchpad.net/~pelpsi/lp-signing/+git/dependencies/+merge/440423
-- 
Your team Launchpad code reviewers is requested to review the proposed merge of ~pelpsi/lp-signing/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into ~launchpad/lp-signing/+git/dependencies:master.

diff --git a/talisker-0.20.0.tar.gz b/talisker-0.20.0.tar.gz
new file mode 100644
index 0000000..fe22479
Binary files /dev/null and b/talisker-0.20.0.tar.gz differ