Merge pull request #124 from magento-commerce/fix-compose-vulnerability

tomreece · web-flow · commit 9998e5615a37 · 2024-03-26T15:48:18.000-05:00
MCLOUD-11870: Composer Vulnerability (CVE-2024-24821)
diff --git a/images/php/8.0-cli/Dockerfile b/images/php/8.0-cli/Dockerfile
@@ -12,7 +12,7 @@ RUN if [ $(uname -m) = "x86_64" ]; then mailhog_arch="amd64"; else mailhog_arch=
 
 FROM php:8.0.14-cli
 
-ARG COMPOSER_VERSION=2.1.14
+ARG COMPOSER_VERSION=2.2.23
 ARG MAGENTO_ROOT=/app
 ARG COMPOSER_ALLOW_SUPERUSER=1
 ARG COMPOSER_HOME=/composer
diff --git a/images/php/8.1-cli/Dockerfile b/images/php/8.1-cli/Dockerfile
@@ -12,7 +12,7 @@ RUN if [ $(uname -m) = "x86_64" ]; then mailhog_arch="amd64"; else mailhog_arch=
 
 FROM php:8.1.1-cli
 
-ARG COMPOSER_VERSION=2.1.14
+ARG COMPOSER_VERSION=2.2.23
 ARG MAGENTO_ROOT=/app
 ARG COMPOSER_ALLOW_SUPERUSER=1
 ARG COMPOSER_HOME=/composer
diff --git a/images/php/8.2-cli/Dockerfile b/images/php/8.2-cli/Dockerfile
@@ -12,7 +12,7 @@ RUN if [ $(uname -m) = "x86_64" ]; then mailhog_arch="amd64"; else mailhog_arch=
 
 FROM php:8.2-cli
 
-ARG COMPOSER_VERSION=2.2.18
+ARG COMPOSER_VERSION=2.2.23
 ARG MAGENTO_ROOT=/app
 ARG COMPOSER_ALLOW_SUPERUSER=1
 ARG COMPOSER_HOME=/composer
diff --git a/images/php/8.3-cli/Dockerfile b/images/php/8.3-cli/Dockerfile
@@ -12,7 +12,7 @@ RUN if [ $(uname -m) = "x86_64" ]; then mailhog_arch="amd64"; else mailhog_arch=
 
 FROM php:8.3-cli
 
-ARG COMPOSER_VERSION=2.2.18
+ARG COMPOSER_VERSION=2.7.0
 ARG MAGENTO_ROOT=/app
 ARG COMPOSER_ALLOW_SUPERUSER=1
 ARG COMPOSER_HOME=/composer
