[ https://issues.apache.org/jira/browse/AIRFLOW-2767?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16797239#comment-16797239 ]
ASF subversion and git services commented on AIRFLOW-2767: ---------------------------------------------------------- Commit f2d570385b0b7c6ca1a871bf9d92aca0231077e7 in airflow's branch refs/heads/v1-10-stable from RosterIn [ https://gitbox.apache.org/repos/asf?p=airflow.git;h=f2d5703 ] [AIRFLOW-2767] - Upgrade gunicorn to 19.5.0 to avoid moderate-severity CVE (#4795) Upgrade gunicorn to 19.5.0 to avoid moderate-severity CVE > Upgrade gunicorn to 19.5.0 or greater to avoid moderate-severity CVE > -------------------------------------------------------------------- > > Key: AIRFLOW-2767 > URL: https://issues.apache.org/jira/browse/AIRFLOW-2767 > Project: Apache Airflow > Issue Type: Improvement > Reporter: Siddharth Anand > Priority: Major > Fix For: 1.10.3 > > > Refer to the moderate-severity CVE in gunicorn 19.4.5 (apparently fixed in > 19.5.0) > [https://nvd.nist.gov/vuln/detail/CVE-2018-1000164] > Currently, apache airflow's setup.py allows 19.4.0 > -s -- This message was sent by Atlassian JIRA (v7.6.3#76005)