FEDORA-2024-bb55f8476a
Packages in this update:
composer-2.7.7-1.fc39
Update description:
Version 2.7.7 2024-06-10
Security: Fixed command injection via malicious git branch name (GHSA-47f6-5gq3-vx9c / CVE-2024-35241)
Security: Fixed multiple command injections via malicious git/hg branch names (GHSA-v9qv-c7wm-wgmf / CVE-2024-35242)
Fixed PSR violations for classes not matching the namespace of a rule being hidden; this may lead to new violations being shown (#11957)
Fixed UX when a plugin is still in vendor dir but is not required nor allowed anymore after changing branches (#12000)
Fixed new platform requirements from composer.json not being checked if the lock file is outdated (#12001)
Fixed secure-http checks that could be bypassed by using malformed URL formats (fa3b9582c)
Fixed Filesystem::isLocalPath including Windows-specific checks on Linux (3c37a67c)
Fixed perforce argument escaping (3773f775)
Fixed handling of zip bombs when extracting archives (de5f7e32)
Fixed Windows command parameter escaping to prevent abuse of Unicode characters with best fit encoding conversion (3130a7455, 04a63b324)
Fixed ability for config command to remove autoload keys (#11967)
Fixed empty type support in init command (#11999)
Fixed git clone errors when safe.bareRepository is set to strict in the git config (#11969)
Fixed regression showing network errors on PHP <8.1 (#11974)
Fixed some color bleed from a few warnings (#11972)