Skip to content

[3.12] gh-127655: Ensure _SelectorSocketTransport.writelines pauses the protocol if needed (GH-127656) #127664

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Dec 6, 2024
Merged

[3.12] gh-127655: Ensure _SelectorSocketTransport.writelines pauses the protocol if needed (GH-127656) #127664

merged 1 commit into from
Dec 6, 2024

Conversation

miss-islington
Copy link
Contributor

@miss-islington miss-islington commented Dec 6, 2024
edited by bedevere-app bot
Loading

Ensure _SelectorSocketTransport.writelines pauses the protocol if it reaches the high water mark as needed.
(cherry picked from commit e991ac8)

Co-authored-by: J. Nick Koston [email protected]
Co-authored-by: Kumar Aditya [email protected]

@bdraco @kumaraditya303 @miss-islington
pythongh-127655: Ensure _SelectorSocketTransport.writelines pauses …
5d35524 
…the protocol if needed (pythonGH-127656)

Ensure `_SelectorSocketTransport.writelines` pauses the protocol if it reaches the high water mark as needed.
(cherry picked from commit e991ac8)

Co-authored-by: J. Nick Koston <[email protected]>
Co-authored-by: Kumar Aditya <[email protected]>
@bedevere-app bedevere-app bot mentioned this pull request Dec 6, 2024
Closed
@bedevere-app bedevere-app bot mentioned this pull request Dec 6, 2024
Merged
@kumaraditya303 kumaraditya303 merged commit 9aa0deb into python:3.12 Dec 6, 2024
34 checks passed
@gvanrossum
Copy link
Member

@kumaraditya303 Thanks for your review and for getting all the versions merged!

@peterbe
Copy link

peterbe commented Jan 27, 2025

Pardon my ignorance, but given that 9aa0deb fixes a security advisory (GHSA-ph84-rcj2-fxxm) how come there's no new release of 3.12? I.e. something >3.12 on the 3.12 branch? Will there be a 3.12.9 that contains this fix?

I'm curious because one of my apps uses 3.12.8 and our alerting says the only version that is fixed is 3.14.0a2 which feels a bit too new to switch to.

@gvanrossum
Copy link
Member

3.12.9 is expected on Feb 4 (see PEP 693).

I don't think we issue emergency releases for GitHub advisories, only for CVEs, and even then I'm not sure what the policy is.

If you're really worried that this pattern exists in your code you can try to audit it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kumaraditya303 kumaraditya303 kumaraditya303 approved these changes

@1st1 1st1 Awaiting requested review from 1st1 1st1 is a code owner

@asvetlov asvetlov Awaiting requested review from asvetlov asvetlov is a code owner

@gvanrossum gvanrossum Awaiting requested review from gvanrossum gvanrossum is a code owner

@willingc willingc Awaiting requested review from willingc willingc is a code owner

Assignees
No one assigned
Labels
topic-asyncio type-security A security issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@miss-islington @gvanrossum @peterbe @kumaraditya303 @bdraco