openSUSE-SU-2022:0132-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2022:0132-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2022:0132-1
Related
Published
2022-05-10T09:13:38Z
Modified
2022-05-10T09:13:38Z
Summary
Security update for php-composer
Details

This update for php-composer fixes the following issues:

php-composer was updated to version 1.10.26:

  • Security: Fixed command injection vulnerability in HgDriver/GitDriver: CVE-2022-24828 boo#1198494

Update to version 1.10.25

  • Fix regression with PHP 8.1.0 and 8.1.1

Update to version 1.10.24

  • Fixed PHP 8.1 compatibility

Update to version 1.10.23

  • Security: Fixed command injection vulnerability CVE-2021-41116
References

Affected packages

SUSE:Package Hub 15 SP3 / php-composer

Package

Name
php-composer
Purl
pkg:rpm/suse/php-composer&distro=SUSE%20Package%20Hub%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.10.26-bp153.2.6.1

Ecosystem specific 

{
    "binaries": [
        {
            "php-composer": "1.10.26-bp153.2.6.1"
        }
    ]
}

openSUSE:Leap 15.3 / php-composer

Package

Name
php-composer
Purl
pkg:rpm/opensuse/php-composer&distro=openSUSE%20Leap%2015.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.10.26-bp153.2.6.1

Ecosystem specific 

{
    "binaries": [
        {
            "php-composer": "1.10.26-bp153.2.6.1"
        }
    ]
}