patch 3.20.3
About this tag
The tag patch 3.20.3 refers to a security update for the Python filelock package, specifically version 3.20.3, which addresses CVE-2026-22701. This vulnerability is a Time-of-Check/Time-of-Use (TOCTOU) race condition in the SoftFileLock implementation. A local attacker who can create symbolic links may exploit this race to cause silent lock failures, denial of service, or unintended operations on attacker-controlled files. The patch resolves the race between permission checks and file creation. Discussions on WindowsForum.com cover the technical details of the vulnerability, its impact on inter-process locking, and the importance of updating to patch 3.20.3 to mitigate the risk.
A Time‑of‑Check/Time‑of‑Use (TOCTOU) race in the SoftFileLock implementation of the widely used Python package filelock (tracked as CVE‑2026‑22701) allows a local attacker who can create symbolic links to interpose between permission checks and file creation, producing silent lock failures...