FEDORA-2024-bb55f8476a
Packages in this update:
composer-2.7.7-1.fc39
Update description:
Version 2.7.7 2024-06-10
Security: Fixed command injection via malicious git branch name (GHSA-47f6-5gq3-vx9c / CVE-2024-35241)
Security: Fixed multiple command injections via malicious git/hg branch names (GHSA-v9qv-c7wm-wgmf / CVE-2024-35242)
Fixed PSR violations for classes not matching the namespace of a rule being hidden, this may lead to new violations being shown (#11957)
Fixed UX when a plugin is still in vendor dir but is not required nor allowed anymore after changing branches (#12000)
Fixed new platform requirements from composer.json not being checked if the lock file is outdated (#12001)
Fixed secure-http checks that could be bypassed by using malformed URL formats (fa3b9582c)
Fixed Filesystem::isLocalPath including windows-specific checks on linux (3c37a67c)
Fixed perforce argument escaping (3773f775)
Fixed handling of zip bombs when extracting archives (de5f7e32)
Fixed Windows command parameter escaping to prevent abuse of unicode characters with best fit encoding conversion (3130a7455, 04a63b324)
Fixed ability for config command to remove autoload keys (#11967)
Fixed empty type support in init command (#11999)
Fixed git clone errors when safe.bareRepository is set to strict in the git config (#11969)
Fixed regression showing network errors on PHP <8.1 (#11974)
Fixed some color bleed from a few warnings (#11972)
More Stories
trafficserver-9.2.5-1.el8
FEDORA-EPEL-2024-d40458db4b Packages in this update: trafficserver-9.2.5-1.el8 Update description: Update to upstream 9.2.5 Resolves CVE-2023-38522, CVE-2024-35161, CVE-2024-35296 Read More
trafficserver-9.2.5-1.fc40
FEDORA-2024-77fe791124 Packages in this update: trafficserver-9.2.5-1.fc40 Update description: Update to upstream 9.2.5 Resolves CVE-2023-38522, CVE-2024-35161, CVE-2024-35296 Read More
trafficserver-9.2.5-1.el9
FEDORA-EPEL-2024-504d1abdb5 Packages in this update: trafficserver-9.2.5-1.el9 Update description: Update to upstream 9.2.5 Resolves CVE-2023-38522, CVE-2024-35161, CVE-2024-35296 Read More
trafficserver-9.2.5-1.fc39
FEDORA-2024-2243c5abee Packages in this update: trafficserver-9.2.5-1.fc39 Update description: Update to upstream 9.2.5 Resolves CVE-2023-38522, CVE-2024-35161, CVE-2024-35296 Read More
python-setuptools-69.0.3-4.fc40
FEDORA-2024-247e9ba33a Packages in this update: python-setuptools-69.0.3-4.fc40 Update description: Security fix for CVE-2024-6345. Read More
python-setuptools-67.7.2-8.fc39
FEDORA-2024-9ed182a5d3 Packages in this update: python-setuptools-67.7.2-8.fc39 Update description: Security fix for CVE-2024-6345. Read More