- Package:
- release.debian.org
- Source:
- release.debian.org
- Submitter:
- David Prévot
- Date:
- 2026-05-24 16:07:06 UTC
- Severity:
- normal
- Tags:
Hi, As agreed with the security team, I’d like to address a GitHub token leak [CVE-2026-45793] via p-u. The change is just a regex match on code that may not be used outside of GitHub infrastructure, and the testsuite is updated to check for it. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable Cheers, taffit
Hi, Please go ahead. Thanks,
package release.debian.org tags 1136642 = trixie pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian trixie. Thanks for your contribution! Upload details ============== Package: composer Version: 2.8.8-1+deb13u3 Explanation: fix support for new GitHub token format [-2026-45793]
package release.debian.org tags 1136642 = trixie pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian trixie. Thanks for your contribution! Upload details ============== Package: composer Version: 2.8.8-1+deb13u3 Explanation: fix support for new GitHub token format [-2026-45793]