[checkmk-commits] [Checkmk/checkmk] 77682c: pipenv update

Branch: refs/heads/2.3.0 Home: https://github.com/Checkmk/checkmk Commit: 77682cbb20c31e0e835f6c021d8fa3f86928d80d https://github.com/Checkmk/checkmk/commit/77682cbb20c31e0e835f6c021d8fa3f86… Author: Hannes Rantzsch <hannes.rantzsch(a)checkmk.com> Date: 2024-04-18 (Thu, 18 Apr 2024) Changed paths: M Pipfile.lock Log Message: ----------- pipenv update Change-Id: I18b439838fb33eb5d149471f29d9bd1c9a552dac Commit: c1f1de6646e38660d35f1d9742aa42750d6c9140 https://github.com/Checkmk/checkmk/commit/c1f1de6646e38660d35f1d9742aa42750… Author: Hannes Rantzsch <hannes.rantzsch(a)checkmk.com> Date: 2024-04-18 (Thu, 18 Apr 2024) Changed paths: M Pipfile.lock M packages/cmk-agent-receiver/pyproject.toml Log Message: ----------- update gunicorn Update contains the fix for CVE-2024-1135. Checkmk is not vulnerable to the issue though, since gunicorn doesn't actually process the requests. Instead, our worker uses h11 to process them, which will correctly raise an RemoteProtocolError saying "multiple Transfer-Encoding headers". Change-Id: I405dbb5d4a86cc5418eacd82cc691294fa17d249 Compare: https://github.com/Checkmk/checkmk/compare/33e5a458f7c2...c1f1de6646e3 To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications