Posted in php
Posts Tagged ‘security’
PHP 7.3 is inching closer to general release (planned for December), with todays announcement of the first PHP 7.3 release candidate: The PHP team is glad to announce the release of the next PHP 7.3.0 pre-release, PHP 7.3.0RC1. The rough outline of the PHP 7.3 release cycle is specified in the PHP Wiki: https://wiki.php.net/todo/php73 Heres the remaining timeline leading up to the general release of PHP 7.3: Along with the new release candidate, releases for all minor versions of PHP 7 are available as of September 13th.
Posted in vuejs
Laravel 5.6.30 and Laravel 5.5.42 have both been released to fix a security issue and is recommended that all users upgrade as soon as possible. According to the upgrade docs: This vulnerability may only be exploited if your application encryption key (APP_KEY environment variable) has been accessed by a malicious user.
CVE 2018-11235 is a new industry-wide security vulnerability in Git that can lead to arbitrary code execution when a user operates in a malicious repository. In the announcement, Edward Thomson describes the vulenerability: A remote repository may contain a definition for a submodule, and also bundle that submodules repository data, checked in to the parent repository as a folder.
Today, the Composer team released v1.6.4 and it includes a security fix so all users are encouraged to upgrade. According to Jordi Boggiano, it also includes triaging/merging/fixing for almost 200 issues and you can see everything that changed from the release page on Github.