-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 13 Jun 2024 08:57:06 +0200 Source: composer Architecture: source Version: 2.7.7-1 Distribution: unstable Urgency: medium Maintainer: Debian PHP PEAR Maintainers <pkg-php-pear@lists.alioth.debian.org> Changed-By: David Prévot <taffit@debian.org> Closes: 1073125 1073126 Changes: composer (2.7.7-1) unstable; urgency=medium . [ Jordi Boggiano ] * Fix Filesystem::isLocalPath including windows checks on linux * Fix perforce arg not being escaped correctly * Fix handling of zip bombs when unzipping archives * Fix UX when a non-required plugin is still present in vendor dir (#12000) * Fixed PSR violations for classes not matching the namespace of a rule being hidden, fixes #11957 * Fix new platform requirements from composer.json not being checked when composer.lock is outdated, fixes #11989 (#12001) * Fix empty type support in init command, fixes #11999 * Fix secure-http check to avoid bypass using emojis * Merge pull request from GHSA-v9qv-c7wm-wgmf [CVE-2024-35242] (Closes: #1073126) * Merge pull request from GHSA-47f6-5gq3-vx9c [CVE-2024-35241] (Closes: #1073125) * Fix windows parameter encoding to prevent abuse of unicode characters with best fit encoding conversion * Release 2.7.7 . [ Krzysztof Ciszewski ] * composer#11852 fix: ability to remove autoload* keys (#11967) * Fix composer error when git config safe.bareRepository is set to explicit (#11969) . [ Dan Wallis ] * Close style tags to avoid bleed (#11972) . [ Sam B ] * To enable to the TransportException code to be accessed in PHP < 8.1, make reflection property accessible (#11974) Checksums-Sha1: 55aca5600abdbd45498865f7af3876d8972353f7 2222 composer_2.7.7-1.dsc 1b10df781006ec5fe80d12a84ac949010a33884d 665056 composer_2.7.7.orig.tar.xz 69d8ff242b76424a4648748b6bed85d167e51ab4 18056 composer_2.7.7-1.debian.tar.xz b10b9ea66f5a87713edd594f2c65a8106219cae1 9311 composer_2.7.7-1_amd64.buildinfo Checksums-Sha256: fb6beed1282431d19d51838c6b43e8b12745ecf1ed93ebb3db68bbd1f51e627f 2222 composer_2.7.7-1.dsc 000306b9e45380ad5c9a0a740d1959e6acfa21ff9ebf5dee3d906293c829f8a7 665056 composer_2.7.7.orig.tar.xz d5366cfc29c9296561ece67cfac7ee62e5c7106d118e956c30826d6a02a9a074 18056 composer_2.7.7-1.debian.tar.xz ef634e021d4d665f82b4572f3a3db049dfa93dca8a238b2890dacca1576219fc 9311 composer_2.7.7-1_amd64.buildinfo Files: 07081042b7bcbdd3f36b0a692f548182 2222 php optional composer_2.7.7-1.dsc a6a86604caf8cbf56a2f5c5a6c0b0601 665056 php optional composer_2.7.7.orig.tar.xz a0f5f26c067d7e1b9a12cc8f8acb2b90 18056 php optional composer_2.7.7-1.debian.tar.xz 3c442f3dbd3fb4ea7537514f7eabab2e 9311 php optional composer_2.7.7-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQFGBAEBCAAwFiEEeHVNB7wJXHRI941mBYwc+UT2vTwFAmZqyR4SHHRhZmZpdEBk ZWJpYW4ub3JnAAoJEAWMHPlE9r08f/cH/i48iyXQkJf3jFCuhF0NBttRqgbImgAe 4mbn0qGseFWa5OtmlJUefBjtP2EdrynFfOablM/Poc340/68knz35uuhq+lJMwxk wZ+CFjdJw/ad6YWgx6E5LX3q/W836gxefOphOBqhTUZRPClQ2kbeRGEaTJM2E09o KM3XJTcJX9B9yElK287ygJqj4E+aZv71GC63aVnllQlu/cA3BJW8Jwe+7qDpDhBB vGwZAPsoRnMbHMNOadVvYaQmU7GByMfqfPCVpnMcefXeFd9jgdsCP4yPt9JuW76p koge4Roy/Hj/N2FdU1yNnb1J/JaH+P5fQ31X1oY8S9ZOwuYpBUr+gWI= =nORV -----END PGP SIGNATURE-----
