From 0be853e28bd157f3ed678f28bade161ad0f9c946 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=B4me=20Gamez?= Date: Mon, 13 Jun 2022 09:15:41 +0200 Subject: [PATCH] Raise minimum version of Guzzle to address CVE-2022-31042 see https://github.com/advisories/GHSA-f2wf-25xc-69c9 --- CHANGELOG.md | 6 +++++- composer.json | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0171bda..78f5fe4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,9 +1,13 @@ # CHANGELOG +## Unreleased + +* Raised minimum version of Guzzle to address [CVE-2022-31042](https://github.com/advisories/GHSA-f2wf-25xc-69c9) + ## 1.3.0 - 2022-05-26 * Dropped support for PHP <7.4 -* Raised minimum versions of Guzzle to fix [CVE-2022-29248](https://github.com/advisories/GHSA-cwmx-hcrq-mhc3) +* Raised minimum version of Guzzle to address [CVE-2022-29248](https://github.com/advisories/GHSA-cwmx-hcrq-mhc3) ## 1.2.0 - 2021-05-26 diff --git a/composer.json b/composer.json index d31cf17..449a5a5 100644 --- a/composer.json +++ b/composer.json @@ -12,7 +12,7 @@ ], "require": { "php": "^7.4|^8.0", - "guzzlehttp/guzzle": "^6.5.6|^7.4.3", + "guzzlehttp/guzzle": "^6.5.6|^7.4.4", "psr/http-message": "^1.0" }, "require-dev": {