Skip to content

Commit

Permalink
Ready for 3.0.1
Browse files Browse the repository at this point in the history
  • Loading branch information
digitalresistor committed Oct 29, 2024
1 parent e435901 commit ae949bb
Showing 1 changed file with 12 additions and 3 deletions.
15 changes: 12 additions & 3 deletions CHANGES.txt
Original file line number Diff line number Diff line change
@@ -1,10 +1,14 @@
3.0.1 (unreleased)
3.0.1 (2024-11-28)
------------------

Security
~~~~~~~~

- Fix a bug that would lead to Waitress busy looping on select() on a half-open
socket due to a race condition that existed when creating a new HTTPChannel.
See https://github.com/Pylons/waitress/pull/435 and
https://github.com/Pylons/waitress/issues/418
See https://github.com/Pylons/waitress/pull/435,
https://github.com/Pylons/waitress/issues/418 and
https://github.com/Pylons/waitress/security/advisories/GHSA-3f84-rpwh-47g6

With thanks to Dylan Jay and Dieter Maurer for their extensive debugging and
helping track this down.
Expand All @@ -13,6 +17,11 @@
See https://github.com/Pylons/waitress/pull/434 and
https://github.com/Pylons/waitress/issues/432

- Fix a race condition in Waitress when `channel_request_lookahead` is enabled
that could lead to HTTP request smuggling.

See https://github.com/Pylons/waitress/security/advisories/GHSA-9298-4cf8-g4wj

3.0.0 (2024-02-04)
------------------

Expand Down

0 comments on commit ae949bb

Please sign in to comment.