| Release | Version |
|---|---|
| stretch | 1.2.2-1+deb9u3 |
| stretch (security) | 1.2.2-1+deb9u1 |
| buster | 1.8.4-1+deb10u4 |
| bullseye | 2.0.9-2+deb11u4 |
| bookworm | 2.5.5-1+deb12u2 |
| trixie | 2.8.3-1 |
| sid | 2.8.3-1 |
| Bug | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-43655 | fixed | fixed | vulnerable (no DSA) | vulnerable (no DSA, postponed) | fixed | fixed | Composer is a dependency manager for PHP. Users publishing a composer. ... |
| Bug | Description |
|---|---|
| CVE-2024-35242 | Composer is a dependency manager for PHP. On the 2.x branch prior to v ... |
| CVE-2024-35241 | Composer is a dependency manager for PHP. On the 2.x branch prior to v ... |
| CVE-2024-24821 | Composer is a dependency Manager for the PHP language. In affected ver ... |
| CVE-2022-24828 | Composer is a dependency manager for the PHP programming language. Int ... |
| CVE-2021-41116 | Composer is an open source dependency manager for the PHP language. In ... |
| CVE-2021-29472 | Composer is a dependency manager for PHP. URLs for Mercurial repositor ... |
| CVE-2015-8371 | Composer before 2016-02-10 allows cache poisoning from other projects ... |
| DSA / DLA | Description |
|---|---|
| DSA-5715-2 | composer - regression update |
| DLA-3838-1 | composer - security update |
| ELA-1114-1 | composer - security update |
| DSA-5715-1 | composer - security update |
| ELA-1096-1 | composer - security update |
| DLA-3777-1 | composer - security update |
| DSA-5632-1 | composer - security update |
| DLA-2654-1 | composer - security update |
| DSA-4907-1 | composer - security update |