Launchpad itself

~pelpsi/launchpad:upgrade-gunicorn-to-fix-HTTP-request-smuggling-vulnerability

Git
lp:~pelpsi/launchpad
upgrade-gunicorn-to-fix-HTTP-request-...

Last commit made on 2023-03-23

Get this branch:: git clone -b upgrade-gunicorn-to-fix-HTTP-request-smuggling-vulnerability https://git.launchpad.net/~pelpsi/launchpad

Only Simone Pelosi can upload to this branch. If you are Simone Pelosi please log in for upload directions.

Branch merges

Merged into launchpad:master

Colin Watson (community): Approve on 2023-03-29

Branch information

Name:: upgrade-gunicorn-to-fix-HTTP-request-smuggling-vulnerability

Repository:: lp:~pelpsi/launchpad

Recent commits

bb039e8... by Simone Pelosi on 2023-03-23

Upgraded gunicorn to fix HTTP request smuggling vulnerability

A penetration test found that our gunicorn version is vulnerable, version 20.1.0 should be safe.

	docs:0 (build)
	lint:0 (build)
	mypy:0 (build)

7575082... by Colin Watson on 2023-03-23

Optimize Person.visible_specifications

Merged from https://code.launchpad.net/~cjwatson/launchpad/+git/launchpad/+merge/439396

c8011c9... by Colin Watson on 2023-03-23

Fix OpenPGP key rendering when logged out

Merged from https://code.launchpad.net/~cjwatson/launchpad/+git/launchpad/+merge/439402

33af93a... by Colin Watson on 2023-03-23

charm: Add datedir2amqp cron job to launchpad-appserver

Merged from https://code.launchpad.net/~cjwatson/launchpad/+git/launchpad/+merge/439407

3d72b80... by Colin Watson on 2023-03-22

charm: Add datedir2amqp cron job to launchpad-appserver

This matches production. The launchpad-layers update adds crontab
handling support.

5b9b04c... by Colin Watson on 2023-03-22

Add debbugs-sync script

Merged from https://code.launchpad.net/~cjwatson/launchpad/+git/launchpad/+merge/439236

1ff2add... by Colin Watson on 2023-03-22

Fix OpenPGP key rendering when logged out

Commit 6820898dfc97d25e02daa35d5b4a71687d4e1419 only fixed the rendering
of OpenPGP key fingerprints when logged in, because the `<a>` tag is
omitted when logged out. Move the `style` attribute to an inner
`<span>` tag to fix this.

938ecc8... by Colin Watson on 2023-03-22

Optimize Person.visible_specifications

I noticed `Person.visible_specifications` timing out while I was
deleting some spam. It seems that the query constructed here caused the
PostgreSQL planner to use a sequential scan over the whole
`Specification` table, which is very slow. Moving the
`Specification.id.is_in(...)` clause into a `UNION` avoids this.

This may also help with LP: #1920045, although I'm less sure of that.

c5a1349... by Simone Pelosi on 2023-03-21

Improved readability

Changed from "id" to "ID" to improve readability

Merged from https://code.launchpad.net/~pelpsi/launchpad/+git/launchpad/+merge/439337

b9b7afe... by Simone Pelosi on 2023-03-21

Improved readability

	docs:0 (build)
	lint:0 (build)
	mypy:0 (build)

»