[checkmk-commits] [Checkmk/checkmk] 3fd0b3: pipenv update

Branch: refs/heads/master Home: https://github.com/Checkmk/checkmk Commit: 3fd0b35fde7169a3722d4e2b48f4a1e29163268b https://github.com/Checkmk/checkmk/commit/3fd0b35fde7169a3722d4e2b48f4a1e29… Author: Hannes Rantzsch <hannes.rantzsch(a)checkmk.com> Date: 2024-04-18 (Thu, 18 Apr 2024) Changed paths: M Pipfile.lock Log Message: ----------- pipenv update Change-Id: I799ee0dafdcba7d98e97e38921db2b395f33e6a9 Commit: c7ccac438c0ff05e4c9971c1d85a7f0362cab65d https://github.com/Checkmk/checkmk/commit/c7ccac438c0ff05e4c9971c1d85a7f036… Author: Hannes Rantzsch <hannes.rantzsch(a)checkmk.com> Date: 2024-04-18 (Thu, 18 Apr 2024) Changed paths: M Pipfile.lock M packages/cmk-agent-receiver/pyproject.toml Log Message: ----------- update gunicorn Update contains the fix for CVE-2024-1135. Checkmk is not vulnerable to the issue though, since gunicorn doesn't actually process the requests. Instead, our worker uses h11 to process them, which will correctly raise an RemoteProtocolError saying "multiple Transfer-Encoding headers". Change-Id: I405dbb5d4a86cc5418eacd82cc691294fa17d249 Compare: https://github.com/Checkmk/checkmk/compare/7326f2968ce9...c7ccac438c0f To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications