Version 2.9.3 - 2025-12-30 Security: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746) Fixed COMPOSER_NO_SECURITY_BLOCKING env var not being respected for updates done via the install command, and added --no-security-blocking flag to install as well (#12677)
Source: https://linuxsecurity.com/advisories/fe ... 2025-67746
Fedora 42: Composer Critical ANSI Injection Denial of Service Advisory
Who is online
Users browsing this forum: No registered users and 1 guest