Skip to content

Commit 7d1a6fb

Browse files
nathan-weinbergmergify[bot]
nathan-weinberg
authored and
mergify[bot]
committed
fix(security): Pin tornado>=6.5.5 (GHSA-qjxf-f2mg-c6mc) (#5425)
# What does this PR do? Addresses DoS due to too many multipart parts Refs: [GHSA-qjxf-f2mg-c6mc](GHSA-qjxf-f2mg-c6mc) Signed-off-by: Nathan Weinberg <nweinber@redhat.com> (cherry picked from commit 0614673)
1 parent 5629cd1 commit 7d1a6fb

File tree

2 files changed

+16
-18
lines changed

2 files changed

+16
-18
lines changed

pyproject.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -54,7 +54,7 @@ dependencies = [
5454
"sqlalchemy[asyncio]>=2.0.41", # server - for conversations
5555
"starlette>=0.49.1",
5656
"psycopg2-binary",
57-
"tornado>=6.5.3",
57+
"tornado>=6.5.5",
5858
"urllib3>=2.6.3",
5959
"oracledb>=3.4.1",
6060
"oci>=2.165.0",

uv.lock

Lines changed: 15 additions & 17 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)