Branch: refs/heads/master
Home:
https://github.com/Checkmk/checkmk
Commit: 3fd0b35fde7169a3722d4e2b48f4a1e29163268b
https://github.com/Checkmk/checkmk/commit/3fd0b35fde7169a3722d4e2b48f4a1e29…
Author: Hannes Rantzsch <hannes.rantzsch(a)checkmk.com>
Date: 2024-04-18 (Thu, 18 Apr 2024)
Changed paths:
M Pipfile.lock
Log Message:
-----------
pipenv update
Change-Id: I799ee0dafdcba7d98e97e38921db2b395f33e6a9
Commit: c7ccac438c0ff05e4c9971c1d85a7f0362cab65d
https://github.com/Checkmk/checkmk/commit/c7ccac438c0ff05e4c9971c1d85a7f036…
Author: Hannes Rantzsch <hannes.rantzsch(a)checkmk.com>
Date: 2024-04-18 (Thu, 18 Apr 2024)
Changed paths:
M Pipfile.lock
M packages/cmk-agent-receiver/pyproject.toml
Log Message:
-----------
update gunicorn
Update contains the fix for CVE-2024-1135.
Checkmk is not vulnerable to the issue though, since gunicorn doesn't actually process
the
requests. Instead, our worker uses h11 to process them, which will correctly raise an
RemoteProtocolError saying "multiple Transfer-Encoding headers".
Change-Id: I405dbb5d4a86cc5418eacd82cc691294fa17d249
Compare:
https://github.com/Checkmk/checkmk/compare/7326f2968ce9...c7ccac438c0f
To unsubscribe from these emails, change your notification settings at
https://github.com/Checkmk/checkmk/settings/notifications