Fedora Update Notification
2022-04-21 20:57:05.212161

Name        : composer
Product     : Fedora 34
Version     : 2.2.12
Release     : 1.fc34
URL         : https://getcomposer.org/
Summary     : Dependency Manager for PHP
Description :
Composer helps you declare, manage and install dependencies of PHP projects,
ensuring you have the right stack everywhere.

Documentation: https://getcomposer.org/doc/

Update Information:

**Version 2.2.12** - 2022-04-13  * Security: Fixed command injection
vulnerability in HgDriver/GitDriver (GHSA-x7cr-6qr6-2hh6 / CVE-2022-24828) *
Fixed curl downloader not retrying when a DNS resolution failure occurs (#10716)
* Fixed composer.lock file still being used/read when the `lock` config option
is disabled (#10726) * Fixed `validate` command checking the lock file even if
the `lock` option is disabled (#10723)  ----  **Version 2.2.11** -  2022-04-01
* Added missing config.bitbucket-oauth in composer-schema.json * Added --2.2
flag to `self-update` to pin the Composer version to the 2.2 LTS range (#10682)
* Updated semver, jsonlint deps for minor fixes * Fixed generation of autoload
crashing if a package has a broken path (#10688) * Removed dev-master=>dev-main
alias from #10372 as it does not work when reloading from lock file and
extracting dev deps (#10651)

* Thu Apr 14 2022 Remi Collet  - 2.2.12-1
- update to 2.2.12

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-617a6df23e' at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure