From 2cd63e0196050a1d6c3364c4c6539af698ee9057 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Thu, 8 Feb 2024 15:14:27 +0100 Subject: [PATCH] Update changelog --- CHANGELOG.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index e84c3762f..242b33f67 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,7 @@ +### [2.2.23] 2024-02-08 + + * Security: Fixed code execution and possible privilege escalation via compromised vendor dir contents (GHSA-7c6p-848j-wh5h / CVE-2024-24821) + ### [2.2.22] 2023-09-29 * Security: Fixed possible remote code execution vulnerability if composer.phar is publicly accessible, executable as PHP, and register_argc_argv is enabled in php.ini (GHSA-jm6m-4632-36hf / CVE-2023-43655) @@ -1503,6 +1507,7 @@ * Initial release +[2.2.23]: https://github.com/composer/composer/compare/2.2.22...2.2.23 [2.2.22]: https://github.com/composer/composer/compare/2.2.21...2.2.22 [2.2.21]: https://github.com/composer/composer/compare/2.2.20...2.2.21 [2.2.20]: https://github.com/composer/composer/compare/2.2.19...2.2.20