mirror of
https://github.com/frappe/gunicorn.git
synced 2026-07-01 18:21:30 +08:00
gevent: Require gevent 24.10.1+ to address CVE-2024-3219
This commit is contained in:
parent
db3b0819dc
commit
f9df39f600
@ -680,9 +680,9 @@ class WorkerClass(Setting):
|
||||
* ``sync``
|
||||
* ``eventlet`` - Requires eventlet >= 0.40.3 (or install it via
|
||||
``pip install gunicorn[eventlet]``)
|
||||
* ``gevent`` - Requires gevent >= 23.9.0 (or install it via
|
||||
* ``gevent`` - Requires gevent >= 24.10.1 (or install it via
|
||||
``pip install gunicorn[gevent]``)
|
||||
* ``tornado`` - Requires tornado >= 0.2 (or install it via
|
||||
* ``tornado`` - Requires tornado >= 6.5.0 (or install it via
|
||||
``pip install gunicorn[tornado]``)
|
||||
* ``gthread`` - Python 2 requires the futures package to be installed
|
||||
(or install it via ``pip install gunicorn[gthread]``)
|
||||
|
||||
@ -11,11 +11,11 @@ import time
|
||||
try:
|
||||
import gevent
|
||||
except ImportError:
|
||||
raise RuntimeError("gevent worker requires gevent 23.9.0 or higher")
|
||||
raise RuntimeError("gevent worker requires gevent 24.10.1 or higher")
|
||||
else:
|
||||
from packaging.version import parse as parse_version
|
||||
if parse_version(gevent.__version__) < parse_version('23.9.0'):
|
||||
raise RuntimeError("gevent worker requires gevent 23.9.0 or higher")
|
||||
if parse_version(gevent.__version__) < parse_version('24.10.1'):
|
||||
raise RuntimeError("gevent worker requires gevent 24.10.1 or higher")
|
||||
|
||||
from gevent.pool import Pool
|
||||
from gevent.server import StreamServer
|
||||
|
||||
@ -47,13 +47,13 @@ Documentation = "https://docs.gunicorn.org"
|
||||
Changelog = "https://docs.gunicorn.org/en/stable/news.html"
|
||||
|
||||
[project.optional-dependencies]
|
||||
gevent = ["gevent>=23.9.0"]
|
||||
gevent = ["gevent>=24.10.1"]
|
||||
eventlet = ["eventlet>=0.40.3"]
|
||||
tornado = ["tornado>=6.5.0"]
|
||||
gthread = []
|
||||
setproctitle = ["setproctitle"]
|
||||
testing = [
|
||||
"gevent>=23.9.0",
|
||||
"gevent>=24.10.1",
|
||||
"eventlet>=0.40.3",
|
||||
"coverage",
|
||||
"pytest",
|
||||
|
||||
@ -20,10 +20,10 @@ def test_import():
|
||||
|
||||
|
||||
def test_version_requirement():
|
||||
"""Test that gevent 23.9.0+ is required."""
|
||||
"""Test that gevent 24.10.1+ is required."""
|
||||
from gunicorn.workers import ggevent
|
||||
from packaging.version import parse as parse_version
|
||||
assert parse_version(gevent.__version__) >= parse_version('23.9.0')
|
||||
assert parse_version(gevent.__version__) >= parse_version('24.10.1')
|
||||
|
||||
|
||||
class TestGeventWorkerInit:
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user