
Commit 692a80d

security: Update critical dependencies to address Dependabot vulnerabilities
- Upgrade gunicorn from 20.1.0 to >=22.0.0 (fixes HTTP Request Smuggling CVEs)
  - CVE: Transfer-Encoding header validation bypass (TE.CL attack)
  - CVE: HTTP Request Smuggling via conflicting headers
  - Impact: Cache poisoning, data exposure prevention
- Upgrade scikit-learn from >=1.0.0 to >=1.5.0 (fixes data leakage)
  - PYSEC-2024-110: TfidfVectorizer sensitive data leakage
  - Impact: Prevents token leakage (passwords, keys) in stop_words_
- Upgrade pandas from >=1.3.0 to >=2.0.0 (address dependency chain)

Vulnerabilities Resolved: 3 critical issues
Tests Passing: 277/277 (verified no breaking changes)
Remaining Vulnerabilities: 20 (indirect dependencies)

Related CVEs:
- GHSA-hc5x-x2vx-497g (Gunicorn TE.CL)
- GHSA-w3h3-4rj7-4ph4 (Gunicorn Transfer-Encoding)
- PYSEC-2024-110 (scikit-learn data leakage)
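Both gunicorn advisories named in the commit message are request-smuggling bugs, and every request-smuggling bug is the same thing underneath: two HTTP parsers in the chain disagree about where one request body ends and the next request begins. The block below is an added illustration written for this page, not code from this repository or from gunicorn. It implements the body-framing decision of RFC 7230 section 3.3.3 with a deliberately strict policy (refuse requests that carry both Transfer-Encoding and Content-Length, accept only a bare `chunked` coding, refuse header names with trailing whitespace), runs a constructed TE.CL payload through it, and shows, via `naive_cl_split`, what a front end that honours Content-Length instead would have forwarded as the "next request". The strict policy is an assumption of the example and not a description of gunicorn's exact parser.

```python
"""Strict HTTP/1.1 body-framing checks of the kind a server must apply before
trusting Content-Length / Transfer-Encoding (RFC 7230 section 3.3.3).

Added illustration: this is not gunicorn's parser. The policy it enforces
(reject TE+CL together, accept only a bare 'chunked' coding) is stricter than
the RFC minimum and is chosen so that a TE.CL / CL.TE desync cannot occur.
"""
import re

# RFC 7230 "token" characters: a header name containing anything else
# (notably a trailing space before the colon) is rejected outright.
HEADER_NAME = re.compile(rb"^[!#$%&'*+.^_`|~0-9A-Za-z-]+$")


class FramingError(ValueError):
    """Raised for any request whose body length is ambiguous or malformed."""


def parse_head(raw: bytes):
    """Split a raw request into (request_line, [(name, value)], body_bytes)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise FramingError("no end of headers")
    lines = head.split(b"\r\n")
    headers = []
    for line in lines[1:]:
        if line[:1] in (b" ", b"\t"):
            raise FramingError("obsolete line folding rejected")
        name, colon, value = line.partition(b":")
        # "Transfer-Encoding : chunked" is a classic splitter: one parser sees
        # the header, another does not. The name must be a bare token.
        if not colon or not HEADER_NAME.match(name):
            raise FramingError("malformed header line: %r" % line)
        headers.append((name.decode("ascii").lower(), value.strip().decode("latin-1")))
    return lines[0], headers, body


def framing(headers):
    """Return ('chunked', None) or ('length', n); reject every ambiguous case."""
    te = [v for n, v in headers if n == "transfer-encoding"]
    cl = [v for n, v in headers if n == "content-length"]
    if te and cl:
        # RFC 7230 lets TE win, but a peer that honours CL instead desyncs;
        # that disagreement is the whole smuggling attack, so refuse outright.
        raise FramingError("Transfer-Encoding and Content-Length both present")
    if te:
        codings = [c.strip().lower() for v in te for c in v.split(",")]
        if codings != ["chunked"]:
            # 'chunked, identity', 'xchunked' and friends are the obfuscations
            # that make one parser use chunked framing and another ignore it.
            raise FramingError("unsupported Transfer-Encoding: %r" % codings)
        return ("chunked", None)
    if cl:
        if len(set(cl)) != 1 or not cl[0].isdigit():
            raise FramingError("conflicting or non-numeric Content-Length: %r" % cl)
        return ("length", int(cl[0]))
    return ("length", 0)


def decode_chunked(body: bytes) -> bytes:
    """Minimal chunked decoder; returns the payload up to the zero-size chunk."""
    out, pos = bytearray(), 0
    while True:
        nl = body.index(b"\r\n", pos)
        size = int(body[pos:nl].split(b";")[0], 16)  # chunk-size; extensions ignored
        if size == 0:
            return bytes(out)
        pos = nl + 2
        out += body[pos:pos + size]
        pos += size + 2  # skip the CRLF that terminates chunk-data


def read_body(raw: bytes) -> bytes:
    """Parse, decide the framing, return exactly one request body."""
    _, headers, body = parse_head(raw)
    kind, n = framing(headers)
    return decode_chunked(body) if kind == "chunked" else body[:n]


def check(raw: bytes):
    """('ok', body) or ('rejected', reason), so callers never see an exception."""
    try:
        return ("ok", read_body(raw))
    except ValueError as exc:
        return ("rejected", str(exc))


def naive_cl_split(raw: bytes):
    """What a Content-Length-honouring front end does with the same bytes:
    n body bytes belong to this request, everything after is the 'next' one."""
    _, headers, body = parse_head(raw)
    n = int(dict(headers)["content-length"])
    return body[:n], body[n:]


# Constructed sample: the textbook TE.CL payload (hypothetical, not a capture).
# A CL parser takes 4 body bytes ("12\r\n"); a TE parser reads an 18-byte chunk
# whose content is the start of a second, attacker-chosen request line.
TE_CL = (
    b"POST / HTTP/1.1\r\nHost: app\r\nContent-Length: 4\r\n"
    b"Transfer-Encoding: chunked\r\n\r\n"
    b"12\r\nGPOST / HTTP/1.1\r\n\r\n0\r\n\r\n"
)
CLEAN_CHUNKED = (
    b"POST / HTTP/1.1\r\nHost: app\r\nTransfer-Encoding: chunked\r\n\r\n"
    b"5\r\nhello\r\n0\r\n\r\n"
)

if __name__ == "__main__":
    print(check(CLEAN_CHUNKED))          # ('ok', b'hello')
    print(check(TE_CL))                  # ('rejected', 'Transfer-Encoding and Content-Length both present')
    print(naive_cl_split(TE_CL))         # leftover begins with b'GPOST', the smuggled request
```

The point of `naive_cl_split` is to make the desync visible: the leftover bytes, which start with `GPOST / HTTP/1.1`, are exactly what a lenient back end would prepend to the next client's request on the same connection. Rejecting the conflicting-header request, as `framing` does, removes the ambiguity on this hop regardless of what the peer does.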
1 parent e0cbbbc commit 692a80d
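The scikit-learn item in the commit message is about `stop_words_`, which is easy to misread as the usual stop-word list. It is not: scikit-learn's documentation describes `stop_words_` as an introspection attribute holding every term the vectorizer pruned because of `min_df`, `max_df` or `max_features`, and recommends removing it with `delattr` before pickling. The block below is an added illustration, not this project's or scikit-learn's code; the corpus and the key-looking token in it are constructed. It shows that a pruned token is absent from `vocabulary_` yet still rides along in the pickled model, and that scrubbing the attribute removes it without affecting `transform`.

```python
"""Why stop_words_ matters when a fitted TfidfVectorizer is persisted or
shared: terms pruned by min_df / max_df / max_features are remembered there
verbatim, and pickle serialises them with the model.

Added illustration, not scikit-learn's or this project's code. The corpus
and the API-key-looking token are constructed.
"""
import pickle

from sklearn.feature_extraction.text import TfidfVectorizer

SECRET = "sk_live_9f3a77c1"  # constructed: looks like a key pasted into a ticket
CORPUS = [
    "support ticket: user reset password to " + SECRET,
    "support ticket: user login failed",
    "support ticket: user login succeeded",
]


def fit(corpus=CORPUS):
    # min_df=2 drops every term seen in only one document. Those terms never
    # reach vocabulary_, but the vectorizer keeps them in stop_words_.
    return TfidfVectorizer(min_df=2).fit(corpus)


def leaked_terms(vec):
    """Terms the model 'discarded' but still carries around."""
    return sorted(getattr(vec, "stop_words_", set()))


def scrub_for_persistence(vec):
    """Drop the introspection attribute before pickling, as the scikit-learn
    docs recommend; transform() does not need it."""
    if hasattr(vec, "stop_words_"):
        delattr(vec, "stop_words_")
    return vec


def secret_in_pickle(vec, secret=SECRET) -> bool:
    """Does the serialised model contain the secret token as a substring?"""
    return secret.encode() in pickle.dumps(vec)


def demo():
    """Returns (secret_in_pickle_before, secret_in_pickle_after, vocab, shape)."""
    vec = fit()
    before = secret_in_pickle(vec)       # True: the pruned token rides along
    vocab = sorted(vec.vocabulary_)      # only the terms seen in >= 2 documents
    scrub_for_persistence(vec)
    after = secret_in_pickle(vec)        # False once stop_words_ is gone
    restored = pickle.loads(pickle.dumps(vec))
    shape = restored.transform(["user login failed"]).shape  # still usable
    return before, after, vocab, shape


if __name__ == "__main__":
    print(leaked_terms(fit()))
    print(demo())
```

The check that matters operationally is `secret_in_pickle`: grep the serialised artefact for anything that looks like a credential before it is uploaded to a model registry or shared bucket, because the training corpus is usually the one place where such tokens are not expected to be.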

1 file changed

Lines changed: 4 additions & 4 deletions

requirements.txt

@@ -1,8 +1,8 @@
11
Django>=4.0,<5.0
2-
gunicorn==20.1.0
3-
psycopg2-binary==2.9.3
4-
pandas>=1.3.0
5-
scikit-learn>=1.0.0
2+
gunicorn>=22.0.0
3+
psycopg2-binary>=2.9.3
4+
pandas>=2.0.0
5+
scikit-learn>=1.5.0
66
numpy>=1.21.0
77
matplotlib>=3.4.0
88
whitenoise==6.2.0
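Review bot: the two exact pins in this hunk become open-ended lower bounds (`gunicorn==20.1.0` -> `gunicorn>=22.0.0`, `psycopg2-binary==2.9.3` -> `psycopg2-binary>=2.9.3`) while `Django>=4.0,<5.0` and `whitenoise==6.2.0` keep theirs, so a fresh install resolves whatever the newest gunicorn and psycopg2-binary releases are at build time, and the "277/277 tests passing" claim only covers the versions resolved today; add an upper bound (`gunicorn>=22.0.0,<23`) or, better, generate a hash-pinned lock file (`pip-compile --generate-hashes`) and install from that. The psycopg2-binary loosening is not mentioned in the commit message and matches none of the three advisories listed there, so it should either be explained or left at `==2.9.3`. `pandas>=1.3.0` -> `pandas>=2.0.0` is a major-version bump justified only as "address dependency chain"; the message should say which constraint (scikit-learn, numpy) forces it, since it is the line most likely to affect callers. Finally, the "20 remaining indirect dependencies" cannot be fixed from an unpinned requirements.txt at all; a lock file is also the only place those can be pinned.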
