public-mirrors
/
composer
mirror of https://github.com/composer/composer
1
0
Fork 0
Code

Update changelog

pull/11920/head
Jordi Boggiano 2024-02-08 15:14:27 +01:00
parent 668b56d0b0
commit 2cd63e0196
No known key found for this signature in database
GPG Key ID: 7BBD42C429EC80BC
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGELOG.md
View File

@ -1,3 +1,7 @@
### [2.2.23] 2024-02-08
* Security: Fixed code execution and possible privilege escalation via compromised vendor dir contents (GHSA-7c6p-848j-wh5h / CVE-2024-24821)
### [2.2.22] 2023-09-29
* Security: Fixed possible remote code execution vulnerability if composer.phar is publicly accessible, executable as PHP, and register_argc_argv is enabled in php.ini (GHSA-jm6m-4632-36hf / CVE-2023-43655)
@ -1503,6 +1507,7 @@
* Initial release
[2.2.23]: https://github.com/composer/composer/compare/2.2.22...2.2.23
[2.2.22]: https://github.com/composer/composer/compare/2.2.21...2.2.22
[2.2.21]: https://github.com/composer/composer/compare/2.2.20...2.2.21
[2.2.20]: https://github.com/composer/composer/compare/2.2.19...2.2.20