From bb8624fb1ed531cadc0a156b598f790b1cf60f3d Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Fri, 29 Sep 2023 10:51:26 +0200 Subject: [PATCH] Update changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0b0dd1ad9..e84c3762f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,6 @@ ### [2.2.22] 2023-09-29 + * Security: Fixed possible remote code execution vulnerability if composer.phar is publicly accessible, executable as PHP, and register_argc_argv is enabled in php.ini (GHSA-jm6m-4632-36hf / CVE-2023-43655) * Fixed authentication issue when downloading several files from private Bitbucket in parallel (#11464) * Fixed handling of broken junctions on windows (#11550) * Fixed loading of root aliases on path repo packages when doing partial updates (#11632)