Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
145a9d17 by Salvatore Bonaccorso at 2026-07-09T10:17:58+02:00
Add new Composer issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27,11 +27,20 @@ CVE-2026-5922 (The IP phone might use malicious input
stored in configuration pa
CVE-2026-5523 (The Divi Form Builder plugin for WordPress is vulnerable to
Missing Au ...)
NOT-FOR-US: WordPress plugin
CVE-2026-59948 (Composer is a dependency Manager for the PHP language. Prior
to 2.2.29 ...)
- TODO: check
+ - composer 2.10.2-1
+ NOTE:
https://github.com/composer/composer/security/advisories/GHSA-499r-g7pc-vmp9
+ NOTE: Fixed by:
https://github.com/composer/composer/commit/502c6c4f699802d9cf464728b3e8a95674f919a0
(2.10.2)
+ NOTE: Fixed by:
https://github.com/composer/composer/commit/c50b1efd13ebd73f6dca19b31424c5a02bf93cc1
(2.2.29)
CVE-2026-59947 (Composer is a dependency Manager for the PHP language. Prior
to 2.2.29 ...)
- TODO: check
+ - composer 2.10.2-1
+ NOTE:
https://github.com/composer/composer/security/advisories/GHSA-g6xq-892h-64w3
+ NOTE: Fixed by:
https://github.com/composer/composer/commit/8887ad76fbd830cb1861a2b1fd8ead78ed1fa1ec
(2.10.2)
+ NOTE: Fixed by:
https://github.com/composer/composer/commit/6bd66874ae523ecb69aca5964487a0cdfda03ef8
(2.2.29)
CVE-2026-59946 (Composer is a dependency Manager for the PHP language. Prior
to 2.2.29 ...)
- TODO: check
+ - composer 2.10.2-1
+ NOTE:
https://github.com/composer/composer/security/advisories/GHSA-gjfg-22fp-rrxx
+ NOTE: Fixed by:
https://github.com/composer/composer/commit/502c6c4f699802d9cf464728b3e8a95674f919a0
(2.10.2)
+ NOTE: Fixed by:
https://github.com/composer/composer/commit/c50b1efd13ebd73f6dca19b31424c5a02bf93cc1
(2.2.29)
CVE-2026-59939 (httplib2 is a comprehensive HTTP client library for Python.
Prior to 0 ...)
- python-httplib2 0.32.0-1
NOTE:
https://github.com/httplib2/httplib2/security/advisories/GHSA-j5g9-f88f-gfj3
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/145a9d1711bbcd50ede8fc32b50e670eebdb9f47
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/145a9d1711bbcd50ede8fc32b50e670eebdb9f47
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits