composer-2.6.5-1.fc38

Read Time:35 Second

FEDORA-2023-f3dedfef46

Packages in this update:

composer-2.6.5-1.fc38

Update description:

Version 2.6.5 – 2023-10-06

Fixed error when vendor dir contains broken symlinks (#11670)
Fixed composer.lock missing from Composer’s zip archives (#11674)
Fixed AutoloadGenerator::dump() non-BC signature change in 2.6.4 (cb363b0e8)

Version 2.6.4 – 2023-09-29

Security: Fixed possible remote code execution vulnerability if composer.phar is publicly accessible, executable as PHP, and register_argc_argv is enabled in php.ini (GHSA-jm6m-4632-36hf / CVE-2023-43655)
Fixed json output of abandoned packages in audit command (#11647)
Performance improvement in pool optimization step (#11638)
Performance improvement in show -a <packagename> (#11659)

Read More