KEMBAR78
[3.12] gh-127655: Ensure `_SelectorSocketTransport.writelines` pauses the protocol if needed (GH-127656) by miss-islington · Pull Request #127664 · python/cpython · GitHub
Skip to content

Conversation

@miss-islington
Copy link
Contributor

@miss-islington miss-islington commented Dec 6, 2024

Ensure _SelectorSocketTransport.writelines pauses the protocol if it reaches the high water mark as needed.
(cherry picked from commit e991ac8)

Co-authored-by: J. Nick Koston nick@koston.org
Co-authored-by: Kumar Aditya kumaraditya@python.org

…the protocol if needed (pythonGH-127656)

Ensure `_SelectorSocketTransport.writelines` pauses the protocol if it reaches the high water mark as needed.
(cherry picked from commit e991ac8)

Co-authored-by: J. Nick Koston <nick@koston.org>
Co-authored-by: Kumar Aditya <kumaraditya@python.org>
@kumaraditya303 kumaraditya303 merged commit 9aa0deb into python:3.12 Dec 6, 2024
34 checks passed
@gvanrossum
Copy link
Member

@kumaraditya303 Thanks for your review and for getting all the versions merged!

@peterbe
Copy link

peterbe commented Jan 27, 2025

Pardon my ignorance, but given that 9aa0deb fixes a security advisory (GHSA-ph84-rcj2-fxxm) how come there's no new release of 3.12? I.e. something >3.12 on the 3.12 branch? Will there be a 3.12.9 that contains this fix?

I'm curious because one of my apps uses 3.12.8 and our alerting says the only version that is fixed is 3.14.0a2 which feels a bit too new to switch to.

@gvanrossum
Copy link
Member

3.12.9 is expected on Feb 4 (see PEP 693).

I don't think we issue emergency releases for GitHub advisories, only for CVEs, and even then I'm not sure what the policy is.

If you're really worried that this pattern exists in your code you can try to audit it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants