Skip to content

Security updates (per Dependabot)#6

Merged
pnc merged 1 commit into
mainfrom
pnc/2026-06-01-security-updates
Jun 1, 2026
Merged

Security updates (per Dependabot)#6
pnc merged 1 commit into
mainfrom
pnc/2026-06-01-security-updates

Conversation

@pnc
Copy link
Copy Markdown
Member

@pnc pnc commented Jun 1, 2026
edited
Loading

Dependabot identified a pile of upstream vulnerabilities, so I'm bumping deps.

https://github.com/eleostech/less-lethal/security/dependabot

@pnc @claude
Upgrade deps to fix Dependabot security alerts
cd5fdad 
- mitmproxy 12.2.1 → 12.2.3 (LDAP injection)
- tornado 6.5.2 → 6.5.5 (DoS via multipart, cookie injection)
- pyOpenSSL 25.3.0 → 26.2.0 (DTLS buffer overflow, TLS bypass)
- flask 3.1.2 → 3.1.3 (missing Vary: Cookie header)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@pnc pnc changed the title Pnc/2026 06 01 security updates Security updates (per Dependabot) Jun 1, 2026
@pnc pnc changed the base branch from main to add-docker-support June 1, 2026 19:56
@pnc pnc changed the base branch from add-docker-support to main June 1, 2026 19:57
@pnc pnc marked this pull request as ready for review June 1, 2026 19:57
@pnc pnc requested review from brandondean and ejblom55 June 1, 2026 19:57
@pnc pnc added this pull request to the merge queue Jun 1, 2026
Merged via the queue into main with commit df43f1c Jun 1, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@brandondean brandondean brandondean approved these changes

@ejblom55 ejblom55 Awaiting requested review from ejblom55

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pnc @brandondean