Fedora 43 pie 1.4.5 Important Sudo Code Execution Threats

PIE (PHP Installer for Extensions).

PIE can install an extension to any installed PHP version.

A list of extensions that support PIE can be found on

https://packagist.org/extensions.

Documentation: /usr/share/doc/pie/docs/usage.md

Version 1.4.5 This release contains vulnerability fixes for the following security advisories: GHSA-h842-vjwg-pxxx - Sudo-elevated arbitrary file deletion via extra.pie- installed-binary metadata in UninstallUsingUnlink GHSA-pm6p-666q-hvj5 - Sudo-elevated root code execution via TOCTOU between self- update verify and write GHSA-f67f-c344-cqqr - PIE self-update accepts any historically-attested pie.phar (rollback gap) GHSA-vcv4-gmjc-mxvq - php-ext.build-path traversal escapes PIE's vendor extract directory GHSA-8xmh-xrvp-hwrf - WindowsInstall::copyExtraFile lacks destination containment check (Windows-only path traversal) GHSA-p4j8-36rr-gjfq - Self-update attestation verification is scoped to --owner=php, not --repo=php/pie