Read Time:24 Second

FEDORA-2023-dbe9d482a8

Packages in this update:

composer-2.6.4-1.fc38

Update description:

Version 2.6.4 – 2023-09-29

Security: Fixed possible remote code execution vulnerability if composer.phar is publicly accessible, executable as PHP, and register_argc_argv is enabled in php.ini (GHSA-jm6m-4632-36hf / CVE-2023-43655)
Fixed json output of abandoned packages in audit command (#11647)
Performance improvement in pool optimization step (#11638)
Performance improvement in show -a <packagename> (#11659)

More Stories

redis-7.2.7-1.fc40

FEDORA-2025-72fd0442cc Packages in this update: redis-7.2.7-1.fc40 Update description: Redis 7.2.7 Released Mon 6 Jan 2025 12:30:00 IDT Upgrade urgency SECURITY:...

January 6, 2025

USN-7159-5: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

January 6, 2025

USN-7154-2: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

January 6, 2025

USN-7182-1: Ceph vulnerability

It was discovered that Ceph incorrectly handled unsupported JWT algorithms in the RadosGW gateway. An attacker could possibly use this...

January 6, 2025

USN-7181-1: Salt vulnerability

It was discovered that Salt incorrectly handled web requests when the SSH client was enabled. An attacker could possibly use...

January 6, 2025

USN-7180-1: Python vulnerabilities

It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code...

January 6, 2025