search

Roave / SecurityAdvisories

:closed_lock_with_key: Security advisories as a simple composer exclusion list, updated daily
MIT License
2.72k stars 106 forks source link

Update `illuminate / cookie` #67

Closed tp closed 4 years ago

tp commented 4 years ago

After the Laravel Cookie incident, I think the conflict with https://github.com/illuminate/cookie needs to be updated.

Related: https://blog.laravel.com/laravel-cookie-security-releases

Ocramius commented 4 years ago

@tp this repo only contains aggregated advisories from upstream sources: you will probably need to report any problem in specific packages in friendsofphp/security-advisories or to the GitHub security advisories.

tp commented 4 years ago

Thanks for explaining @Ocramius

So there is an upstream PR open already: https://github.com/FriendsOfPHP/security-advisories/pull/478

Is there anything more that needs to be done here then once that is merged? Else we can close this.

Ocramius commented 4 years ago

Nope, it syncs here automatically, once an hour 👍

Closing here for now