SUSE Package Hub - openSUSE-2022-132

Update Info

openSUSE-2022-132

Security update for php-composer

Type: security

Severity: important

Issued: 2022-05-10

Description:

This update for php-composer fixes the following issues:

php-composer was updated to version 1.10.26:

* Security: Fixed command injection vulnerability in
  HgDriver/GitDriver: CVE-2022-24828 boo#1198494

Update to version 1.10.25

* Fix regression with PHP 8.1.0 and 8.1.1

Update to version 1.10.24

* Fixed PHP 8.1 compatibility

Update to version 1.10.23

* Security: Fixed command injection vulnerability CVE-2021-41116

References

CVE: CVE-2022-24828
CVE: CVE-2021-41116
Bugzilla: 1198494 VUL-0: CVE-2022-24828: php-composer2,php-composer: Code injection vulnerability

Packages

php-composer-1.10.26-bp153.2.6.1