Control: tags -1 + confirmed On Sat, 2024-03-02 at 11:19 +0100, David Prévot wrote: > I’d like to see CVE-2024-27354 and CVE-2024-27355 addressed in the > next > point release. We agreed with the security team that these issues are > not worth a DSA. This update also fixes an issue in dependency > loading > similar to CVE-2024-24821 as fixed in composer/DSA-5632-1. >
Please go ahead. Regards, Adam
