mirror of
https://github.com/frappe/gunicorn.git
synced 2026-07-01 10:11:30 +08:00
- Bump version_info to (26, 0, 0) - Update SECURITY.md supported releases (26.0.0, 25.3.0) - Add 26.0.0 entry to news.md and 2026-news.md covering eventlet removal, ASGI framework compatibility suite, RFC 9110/9112 request-target and header hardening, smuggling fixes, HEAD/204/304 body framing, WebSocket close handshake compliance, HTTP/2 ASGI stream completion, early-hints validation, framework fixes (Django/Litestar/Quart/BlackSheep), and gunicorn_h1c >= 0.6.5
1.2 KiB
1.2 KiB
Security Policy
Reporting a Vulnerability
Please note that public Github issues are open for everyone to see!
If you believe you are found a problem in Gunicorn software, examples or documentation, we encourage you to send your report privately via email, or via Github using the Report a vulnerability button in the Security section.
Supported Releases
Please target reports against ✅ or current master. Please understand that ❌ will not receive further security attention.
| Version | Status |
|---|---|
| 26.0.0 | ✅ |
| 25.3.0 | ✅ |
| 24.1.1 | ❌ |
| 23.0.0 | ❌ |
| 22.0.0 | ❌ |
| < 22.0 | ❌ |
Python Versions
Gunicorn runs on Python 3.10+, supporting Python versions that are still maintained by the PSF. We highly recommend the latest release of a supported series and will not prioritize issues affecting EoL environments.