mirror of
https://github.com/frappe/gunicorn.git
synced 2026-07-03 11:11:30 +08:00
docs: Update 24.0.0 changelog with security fixes
This commit is contained in:
parent
3960372b82
commit
e021e3e93f
@ -23,14 +23,24 @@
|
||||
with Material theme for improved navigation and mobile experience
|
||||
([PR #3426](https://github.com/benoitc/gunicorn/pull/3426))
|
||||
|
||||
### Security
|
||||
|
||||
- **eventlet**: Require eventlet >= 0.40.3 to address CVE-2021-21419 (websocket
|
||||
memory exhaustion) and CVE-2025-58068 (HTTP request smuggling)
|
||||
([PR #3445](https://github.com/benoitc/gunicorn/pull/3445))
|
||||
|
||||
- **gevent**: Require gevent >= 24.10.1 to address CVE-2023-41419 (HTTP request
|
||||
smuggling) and CVE-2024-3219 (socket.socketpair vulnerability)
|
||||
([PR #3445](https://github.com/benoitc/gunicorn/pull/3445))
|
||||
|
||||
- **tornado**: Require tornado >= 6.5.0 to address CVE-2025-47287 (HTTP request
|
||||
smuggling) and other security fixes
|
||||
([PR #3445](https://github.com/benoitc/gunicorn/pull/3445))
|
||||
|
||||
### Changes
|
||||
|
||||
- Minimum Python version is now 3.12
|
||||
- Documentation now hosted at https://gunicorn.org
|
||||
|
||||
### Breaking changes
|
||||
|
||||
- Dropped support for Python versions before 3.12
|
||||
- Updated license configuration to PEP 639 format for uv compatibility
|
||||
|
||||
!!! warning "ASGI Worker Beta"
|
||||
The ASGI worker is a beta feature. While tested, the API and behavior
|
||||
|
||||
@ -17,9 +17,11 @@
|
||||
|
||||
- **Documentation Migration**: Migrated to MkDocs with Material theme
|
||||
|
||||
### Breaking changes
|
||||
### Security
|
||||
|
||||
- Minimum Python version is now 3.12
|
||||
- **eventlet**: Require eventlet >= 0.40.3 (CVE-2021-21419, CVE-2025-58068)
|
||||
- **gevent**: Require gevent >= 24.10.1 (CVE-2023-41419, CVE-2024-3219)
|
||||
- **tornado**: Require tornado >= 6.5.0 (CVE-2025-47287)
|
||||
|
||||
---
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user