Update all patch versions (prod-2-8-advance) (patch)

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
c2cwsgiutils	6.0.8 -> 6.0.9
vite (source)	5.4.10 -> 5.4.11
waitress (changelog)	3.0.0 -> 3.0.2

---

Release Notes

camptocamp/c2cwsgiutils (c2cwsgiutils)

v6.0.9

Compare Source

6.0.9 (2024-11-12)

Fixed bugs

• #​2523 [Backport 6.0] Be able to force the client information (@​c2c-bot-gis-ci-2, @​sbrunner)

Documentation

• #​2515 [Backport 6.0] README: Remove misleading info about version (@​c2c-bot-gis-ci-2, @​jwkaltz)

Security fixes

• #​2409 Audit Snyk check/fix 6.0 (@​geo-ghci-int[bot])
• #​2304 Audit Snyk check/fix 6.0 (@​geo-ghci-int[bot])
• #​2302 Audit Snyk check/fix 6.0 (@​geo-ghci-int[bot])
• #​2307 Audit Snyk check/fix 6.0 (@​geo-ghci-int[bot])
• #​2321 Audit Dpkg 6.0 (@​geo-ghci-int[bot], @​sbrunner)
• #​2348 Audit Snyk check/fix 6.0 (@​geo-ghci-int[bot])
• #​2490 Audit Snyk check/fix 6.0 (@​geo-ghci-int[bot])
• #​2339 Audit Snyk check/fix 6.0 (@​geo-ghci-int[bot])
• #​2367 Audit Snyk check/fix 6.0 (@​geo-ghci-int[bot])

Dependency update

• #​2502 Update all patch versions (6.0) (patch) (@​renovate[bot], @​sbrunner)
• #​2215 Snyk auto fix (@​c2c-bot-gis-ci-2, @​c2c-bot-gis-ci)
• #​2448 Update all patch versions (6.0) (patch) (@​renovate[bot])
• #​2328 Update all patch versions (6.0) (patch) (@​renovate[bot])
• #​2399 Update CI dependencies to v1.6.22 (6.0) (patch) (@​renovate[bot], @​sbrunner)
• #​2266 Update CI dependencies to v1.6.20 (6.0) (patch) (@​renovate[bot])
• #​2225 Snyk auto fix (@​c2c-bot-gis-ci-2, @​c2c-bot-gis-ci, @​sbrunner)
• #​2447 Update CI dependencies to v1.6.23 (6.0) (patch) (@​renovate[bot])
• #​2503 Update dependency pyjson5 to v1.6.7 (6.0) (@​renovate[bot])
• #​2420 Update all patch versions (6.0) (patch) (@​renovate[bot])
• #​2267 Update all patch versions (6.0) (patch) (@​renovate[bot])
• #​2381 Update all patch versions (6.0) (patch) (@​renovate[bot])
• #​2250 Snyk auto fix (@​c2c-bot-gis-ci-2, @​c2c-bot-gis-ci)
• #​2231 Update all patch versions (6.0) (patch) (@​renovate[bot])
• #​2327 Update CI dependencies to v1.6.21 (6.0) (patch) (@​renovate[bot])
• #​2232 Update pre-commit hook sirwart/ripsecrets to v0.1.8 (6.0) (@​renovate[bot])

Chore

Changes that shouldn't affect the users like continuous integration updates

• #​2403 Audit Dpkg 6.0 (@​geo-ghci-int[bot])
• #​2261 Update dpkg package versions (@​c2c-bot-gis-ci-2, @​c2c-bot-gis-ci)
• #​2412 Audit Dpkg 6.0 (@​geo-ghci-int[bot])
• #​2229 Update dpkg package versions (@​c2c-bot-gis-ci-2, @​c2c-bot-gis-ci)
• #​2283 CI updates (@​sbrunner)
• #​2394 Audit Dpkg 6.0 (@​geo-ghci-int[bot])
• #​2376 Audit Dpkg 6.0 (@​geo-ghci-int[bot])
• #​2293 Audit Dpkg 6.0 (@​geo-ghci-int[bot])
• #​2432 Audit Dpkg 6.0 (@​geo-ghci-int[bot])
• #​2349 Audit Dpkg 6.0 (@​geo-ghci-int[bot])
• #​2223 Update dpkg package versions (@​c2c-bot-gis-ci-2, @​c2c-bot-gis-ci)
• #​2429 Audit Dpkg 6.0 (@​geo-ghci-int[bot])
• #​2230 Update dpkg package versions (@​c2c-bot-gis-ci-2, @​c2c-bot-gis-ci)
• #​2359 Audit Dpkg 6.0 (@​geo-ghci-int[bot])
• #​2411 Audit Dpkg 6.0 (@​geo-ghci-int[bot])
• #​2435 Audit Dpkg 6.0 (@​geo-ghci-int[bot])
• #​2434 Audit Dpkg 6.0 (@​geo-ghci-int[bot])
• #​2414 Audit Dpkg 6.0 (@​geo-ghci-int[bot])
• #​2493 Audit Dpkg 6.0 (@​geo-ghci-int[bot])
• #​2433 Audit Dpkg 6.0 (@​geo-ghci-int[bot])
• #​2284 Audit Dpkg 6.0 (@​geo-ghci-int[bot])
• #​2288 CI updates (@​sbrunner)
• #​2281 CI updates (@​sbrunner)
• #​2370 Audit Dpkg 6.0 (@​geo-ghci-int[bot])
• #​2260 Update dpkg package versions (@​c2c-bot-gis-ci-2, @​c2c-bot-gis-ci)
• #​2378 Audit Dpkg 6.0 (@​geo-ghci-int[bot])

vitejs/vite (vite)

v5.4.11

Compare Source

Please refer to CHANGELOG.md for details.

Pylons/waitress (waitress)

v3.0.2

Compare Source

Security

- When using Waitress to process trusted proxy headers, Waitress will now
  update the headers to drop any untrusted values, thereby making sure that
  WSGI apps only get trusted and validated values that Waitress itself used to
  update the environ. See https://github.com/Pylons/waitress/pull/452 and
  https://github.com/Pylons/waitress/issues/451

v3.0.1

Compare Source

Security

- Fix a bug that would lead to Waitress busy looping on select() on a half-open
  socket due to a race condition that existed when creating a new HTTPChannel.
  See https://github.com/Pylons/waitress/pull/435,
  https://github.com/Pylons/waitress/issues/418 and
  https://github.com/Pylons/waitress/security/advisories/GHSA-3f84-rpwh-47g6

  With thanks to Dylan Jay and Dieter Maurer for their extensive debugging and
  helping track this down.

- No longer strip the header values before passing them to the WSGI environ.
  See https://github.com/Pylons/waitress/pull/434 and
  https://github.com/Pylons/waitress/issues/432

- Fix a race condition in Waitress when `channel_request_lookahead` is enabled
  that could lead to HTTP request smuggling.

  See https://github.com/Pylons/waitress/security/advisories/GHSA-9298-4cf8-g4wj

---

Configuration

📅 Schedule: Branch creation - "after 5pm on the first day of the month" in timezone Europe/Zurich, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.