This commit updates the hexo-theme-next to version 8.20.0 and correct…

…s a typo in the vulnerability description.

- Updated hexo-theme-next package to version 8.20.0
- Replaced previous version 8.19.2
- Corrected typo in vulnerability description related to Gunicorn
- Provided accurate information to users regarding the handling of Transfer-Encoding headers

package.json

@@ -21,6 +21,6 @@
     "hexo-renderer-marked": "^6.0.0",
     "hexo-renderer-stylus": "^3.0.0",
     "hexo-server": "^3.0.0",
-    "hexo-theme-next": "^8.19.2"
+    "hexo-theme-next": "^8.20.0"
   }
 }

source/_posts/Patch-Gunicorn-to-version-22-0-to-prevent-HTTP-Request-Smuggling-vulnerability.md

@@ -11,7 +11,7 @@ tags:
 
 ---
 ## Which version(s) are affected?
-Hey fellow readers, if you're deploying your python application or containerized application through Gunicorn (Green Unicorn) there is a new vulnerability that bypasses validation when == multiple conflicting Transfer-Encoding headers == are used which are treated as chunked data regardlesss of final encoding leading to Request Smuggling allowing access to restricted API endpoints in your application without needed credentials/tokens.
+Hey fellow readers, if you\'re deploying your python application or containerized application through Gunicorn (Green Unicorn) there is a new vulnerability that bypasses validation when **multiple conflicting Transfer-Encoding headers** are used which are treated as chunked data regardless of final encoding leading to Request Smuggling allowing access to restricted API endpoints in your application without needed credentials/tokens.
 <!-- more -->
 
 The new update version 22.0 fixes the issue mentioned in the [commit](https://github.com/benoitc/gunicorn/commit/ac29c9b0a758d21f1e0fb3b3457239e523fa9f1d).