It was discovered that composer, a dependency manager for the PHP language, processed files in the local working directory. This could lead to local privilege escalation or malicious code execution. Due to a technical issue this email was not sent on 2024-02-26 like it should have.
https://security-tracker.debian.org/tracker/DSA-5632-1
Continue reading...
https://security-tracker.debian.org/tracker/DSA-5632-1
Continue reading...