Accepted composer 1.8.4-1+deb10u2 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 28 May 2022 18:18:24 +0200
Source: composer
Architecture: source
Version: 1.8.4-1+deb10u2
Distribution: buster
Urgency: medium
Maintainer: Debian PHP PEAR Maintainers <pkg-php-pear@lists.alioth.debian.org>
Changed-By: David Prévot <taffit@debian.org>
Closes: 955485 989315 1009960
Changes:
composer (1.8.4-1+deb10u2) buster; urgency=medium
.
* Fix code injection vulnerability [CVE-2022-24828] (Closes: #1009960)
* Update GitHub token pattern (Closes: #989315)
* Use Authorization header instead of deprecated access_token query param
(Closes: #955485)
Checksums-Sha1:
6e4a8fca20b9b4719e94808e7b0e7bc0eb48ceef 1904 composer_1.8.4-1+deb10u2.dsc
d202319631cd905aa3b701c1e50a5c5254c2c1ca 406561 composer_1.8.4.orig.tar.gz
ac72be77e3747c29b2b885ecf8dfaa6d0d85b9c4 13064 composer_1.8.4-1+deb10u2.debian.tar.xz
cfdfc533e5656587470768c0cbcc0aee04513c7b 6680 composer_1.8.4-1+deb10u2_amd64.buildinfo
Checksums-Sha256:
53310c41fb83e1482c9a291bf7509f0cfcc1119a18513099f1645626ec6adf1a 1904 composer_1.8.4-1+deb10u2.dsc
288ab33c8f11f0db4b5883d4a115a8ead8ef1a74c924f3accadc61d220ca22de 406561 composer_1.8.4.orig.tar.gz
23e6590db42362576cd594fea7c8aabe8c378164822dfa7d640750dab24272e8 13064 composer_1.8.4-1+deb10u2.debian.tar.xz
1aef941fe03a282bd6236320d61795b0dc61ee3e798780a01e6a444acdbad8d9 6680 composer_1.8.4-1+deb10u2_amd64.buildinfo
Files:
2f6a5a87ec66bdf25d2d44d3187ccdd1 1904 php optional composer_1.8.4-1+deb10u2.dsc
0fb0249cc1047048c91fa1c7c6d706a4 406561 php optional composer_1.8.4.orig.tar.gz
0a176b8aad179123ba8f682a77683333 13064 php optional composer_1.8.4-1+deb10u2.debian.tar.xz
34ef98cad317e22ffb370321089fe6ba 6680 php optional composer_1.8.4-1+deb10u2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQFGBAEBCAAwFiEEeHVNB7wJXHRI941mBYwc+UT2vTwFAmKTRKESHHRhZmZpdEBk
ZWJpYW4ub3JnAAoJEAWMHPlE9r08xlsIAJNUoobevU+X3afaILEtcS3Gn802koKd
TCJTI/WduSlbDxwcLOtLxGVabI0qPfHE5pPAlwbGWIV+rap8bg1YpgDaGjB3tt6b
yenRgmMWVY1zNhbaSal0ns4eno635UaNDZfvkyVmpbESLHIARMDjQD008ndQ7aWw
4v7qzzewwGLxSedSprYJY+sbaTLXPfaazOakOC8VdHMqQTWrAm4p3xgeOT4kaHX7
LsicdptQvWfl15XUfMaC9iS8CPSrNBL7j62mp76taF8PdcP/jkX7xtv+Ar/Pr3KT
eZ+2FAOk4oHHrwCjsWhpsqeFIbsBzAUEoiRga9quH08kdxtYD6L/M4Y=
=TsZe
-----END PGP SIGNATURE-----
Reply to: