Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 26: 2018-8b35c531db Moderate: Composer Security Fix

fedora
Calendar Grey April 25, 2018
Dist Fedora Esm H88
Patch for composer addressing vulnerabilities, advised for all Fedora 26 users featuring improved dependency oversight.
**Version 1.6.4** - 2018-04-13 * Security fixes in some edge case scenarios, recommended update for all users * Fixed regression in version guessing of path repositories * Fixed...

Summary

Composer helps you declare, manage and install dependencies of PHP projects,

ensuring you have the right stack everywhere.

Documentation: https://getcomposer.org/doc/

**Version 1.6.4** - 2018-04-13 * Security fixes in some edge case scenarios,

recommended update for all users * Fixed regression in version guessing of

path repositories * Fixed removing aliased packages from the repository, which

might resolve some odd update bugs * Fixed updating of package URLs for GitLab

* Fixed run-script --list failing when script handlers were defined * Fixed

init command not respecting the current php version when selecting package

versions * Fixed handling of uppercase package names in why/why-not commands

* Fixed exclude-from-classmap symlink handling * Fixed filesystem permissions

of PEAR binaries * Improved performance of subversion repos * Other minor

fixes

* Mon Apr 16 2018 Remi Collet - 1.6.4-1

- update to 1.6.4

* Thu Feb 1 2018 Remi Collet - 1.6.3-1

- Update to 1.6.3

* Sun Jan 7 2018 Remi Collet - 1.6.2-1

- Update to 1.6.2

* Thu Jan 4 2018 Remi Collet - 1.6.1-1

- Update to 1.6.1

* Thu Jan 4 2018 Remi Collet - 1.6.0-2

- open https://github.com/composer/composer/pull/6974

Fix dependency on composer/spdx-licenses

- raise dependency on composer/spdx-licenses 1.2

* Mon Dec 18 2017 Remi Collet - 1.5.6-1

- Update to 1.5.6

- switch to symfony package names

* Fri Dec 1 2017 Remi Collet - 1.5.5-1

- Update to 1.5.5

* Fri Dec 1 2017 Remi Collet - 1.5.4-1

- Update to 1.5.4

* Fri Dec 1 2017 Remi Collet - 1.5.3-1

- Update to 1.5.3

* Mon Sep 11 2017 Remi Collet - 1.5.2-1

- Update to 1.5.2

* Wed Aug 9 2017 Remi Collet - 1.5.1-1

- Update to 1.5.1

* Tue Aug 8 2017 Remi Collet - 1.5.0-1

- Update to 1.5.0

* Mon Aug 7 2017 Remi Collet - 1.4.3-1

- Update to 1.4.3

- ignore 2 failed tests related to BC break in symfony

su -c 'dnf upgrade --advisory FEDORA-2018-8b35c531db' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Topics%20covered

Topics Covered

security advisory moderate fedora update security fix dependency management composer

Change Log

References

Update Instructions

Severity
important
Lowest
Low
Medium
High
Critical

Product: Fedora 26
Version: 1.6.4
Release: 1.fc26
URL: https://getcomposer.org/
Summary: Dependency Manager for PHP

Topics%20covered

Topics Covered

security advisory moderate fedora update security fix dependency management composer

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here