[Bug 1185376] VUL-0: CVE-2021-29472: php-composer: crafted URL values allow code to be executed in the HgDriver

https://bugzilla.suse.com/show_bug.cgi?id=1185376 https://bugzilla.suse.com/show_bug.cgi?id=1185376#c3 --- Comment #3 from Swamp Workflow Management --- # maintenance_jira_update_notice openSUSE-SU-2021:1289-1: An update that solves one vulnerability and has one errata is now available. Category: security (important) Bug References: 1185376,1187416 CVE References: CVE-2021-29472 JIRA References: Sources used: openSUSE Leap 15.2 (src): php-composer-1.10.22-lp152.2.3.1 openSUSE Backports SLE-15-SP3 (src): php-composer-1.10.22-bp153.2.3.1 openSUSE Backports SLE-15-SP2 (src): php-composer-1.10.22-bp152.2.3.1 openSUSE Backports SLE-15-SP1 (src): php-composer-1.10.22-bp151.3.3.1 -- You are receiving this mail because: You are on the CC list for the bug.