poetry: update gunicorn to v21.2.0

[jayaddison]

Based on the gunicorn security support policy, I think we should update to the most-recent version v21.2.0 - it has been the latest version since its release on 2023-07-19, and seems relatively stable based on searching issues that mention it.

There is one bugreport benoitc/gunicorn#3038 - a possible regression since the v21.0.0 release series that isn't yet resolved.

Additionally there have been a few reports (ref, ref) of problems with eventlet (aka geventlet) - we don't use that worker-type though; we use gthread.

NB: The bugreport mentioned above does appear to be related to a gthread regression.

[jayaddison]

There is one bugreport benoitc/gunicorn#3038 - a possible regression since the v21.0.0 release series that isn't yet resolved.

Update: I don't think we're affected by this because we don't configure --max-requests when running gunicorn.

[russss]

I'll merge anyway to avoid any security warnings, thanks!

[jayaddison]

Thanks - note that a fix for CVE-2024-1135 has been merged into gunicorn, but is pending a release (so dependabot alerts about that particular CVE won't be solved by this).