Merge pull request #13975 from ubc-cpsc/bugfix/CVE-2023-49316

Fixes CVE-2023-49316 by upgrading phpseclib/phpseclib
This commit is contained in:
snipe 2023-11-30 16:22:08 +00:00 committed by GitHub
commit 47c8ae000a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

15
composer.lock generated
View file

@ -7011,16 +7011,16 @@
},
{
"name": "phpseclib/phpseclib",
"version": "3.0.14",
"version": "3.0.34",
"source": {
"type": "git",
"url": "https://github.com/phpseclib/phpseclib.git",
"reference": "2f0b7af658cbea265cbb4a791d6c29a6613f98ef"
"reference": "56c79f16a6ae17e42089c06a2144467acc35348a"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/2f0b7af658cbea265cbb4a791d6c29a6613f98ef",
"reference": "2f0b7af658cbea265cbb4a791d6c29a6613f98ef",
"url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/56c79f16a6ae17e42089c06a2144467acc35348a",
"reference": "56c79f16a6ae17e42089c06a2144467acc35348a",
"shasum": ""
},
"require": {
@ -7032,6 +7032,7 @@
"phpunit/phpunit": "*"
},
"suggest": {
"ext-dom": "Install the DOM extension to load XML formatted public keys.",
"ext-gmp": "Install the GMP (GNU Multiple Precision) extension in order to speed up arbitrary precision integer arithmetic operations.",
"ext-libsodium": "SSH2/SFTP can make use of some algorithms provided by the libsodium-php extension.",
"ext-mcrypt": "Install the Mcrypt extension in order to speed up a few other cryptographic operations.",
@ -7100,7 +7101,7 @@
],
"support": {
"issues": "https://github.com/phpseclib/phpseclib/issues",
"source": "https://github.com/phpseclib/phpseclib/tree/3.0.14"
"source": "https://github.com/phpseclib/phpseclib/tree/3.0.34"
},
"funding": [
{
@ -7116,7 +7117,7 @@
"type": "tidelift"
}
],
"time": "2022-04-04T05:15:45+00:00"
"time": "2023-11-27T11:13:31+00:00"
},
{
"name": "phpspec/prophecy",
@ -16600,5 +16601,5 @@
"ext-pdo": "*"
},
"platform-dev": [],
"plugin-api-version": "2.3.0"
"plugin-api-version": "2.6.0"
}