Prep for 3.0.2

commit: b11ae729cc51ca2998a1ad9b4992b34f34ac95e7 [log] [tgz]
author: Delta Regeer <bertjw@regeer.org> Sat Nov 16 19:46:41 2024
committer: Delta Regeer <bertjw@regeer.org> Sat Nov 16 19:46:41 2024
tree: d6a4c81737a7a61a0cd392cc8bfb6f35823e325b
parent: 38ffad094b785168aba197f6b6d8df5de713cc2b [diff]
diff --git a/CHANGES.txt b/CHANGES.txt
index cd17ff9..9554e78 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt

@@ -1,4 +1,17 @@
-3.0.1 (2024-11-28)
+3.0.2 (2024-11-16)
+------------------
+
+Security
+~~~~~~~~
+
+- When using Waitress to process trusted proxy headers, Waitress will now
+  update the headers to drop any untrusted values, thereby making sure that
+  WSGI apps only get trusted and validated values that Waitress itself used to
+  update the environ. See https://github.com/Pylons/waitress/pull/452 and
+  https://github.com/Pylons/waitress/issues/451
+
+
+3.0.1 (2024-10-28)
 ------------------
 
 Backward Incompatibilities

diff --git a/setup.cfg b/setup.cfg
index 7bdc08c..be07731 100644
--- a/setup.cfg
+++ b/setup.cfg

@@ -1,6 +1,6 @@
 [metadata]
 name = waitress
-version = 3.0.1
+version = 3.0.2
 description = Waitress WSGI server
 long_description = file: README.rst, CHANGES.txt
 long_description_content_type = text/x-rst
@@ -37,7 +37,7 @@
 [options]
 package_dir=
     =src
-packages=find:
+packages = find:
 python_requires = >=3.9.0
 
 [options.entry_points]
@@ -47,7 +47,7 @@
     waitress-serve = waitress.runner:run
 
 [options.packages.find]
-where=src
+where = src
 
 [options.extras_require]
 testing =
commit	b11ae729cc51ca2998a1ad9b4992b34f34ac95e7	[log] [tgz]
author	Delta Regeer <bertjw@regeer.org>	Sat Nov 16 19:46:41 2024
committer	Delta Regeer <bertjw@regeer.org>	Sat Nov 16 19:46:41 2024
tree	d6a4c81737a7a61a0cd392cc8bfb6f35823e325b
parent	38ffad094b785168aba197f6b6d8df5de713cc2b [diff]