Roave / SecurityAdvisories

:closed_lock_with_key: Security advisories as a simple composer exclusion list, updated daily
MIT License
2.72k stars 105 forks source link

typo3/cms needs to be in sync with typo3/cms-core #105

Closed simonschaufi closed 1 year ago

simonschaufi commented 1 year ago

typo3/cms-core: >=9,<9.5.37 is wrong. It needs to be >=9,<9.5.29. The other version constraints also needs to match.

froschdesign commented 1 year ago

typo3/cms-core: >=9,<9.5.37 is wrong.

See:

Ocramius commented 1 year ago

This repository only merges published advisories: you will need to find the faulty CVE publication, and backtrack from there.