Merge pull request #1234 from acelaya-forks/feature/sql-injection

Enforced doctrine/dbal 3.1.4
This commit is contained in:
Alejandro Celaya 2021-11-15 19:53:01 +01:00 committed by GitHub
commit 4a3fa85b5f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 19 additions and 1 deletions

View File

@ -4,6 +4,23 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com), and this project adheres to [Semantic Versioning](https://semver.org).
## [2.9.3] - 2021-11-15
### Added
* *Nothing*
### Changed
* *Nothing*
### Deprecated
* *Nothing*
### Removed
* *Nothing*
### Fixed
* [#1232](https://github.com/shlinkio/shlink/issues/1232) Solved potential SQL injection by enforcing `doctrine/dbal` 3.1.4.
## [2.9.2] - 2021-10-23
### Added
* *Nothing*

View File

@ -18,7 +18,8 @@
"akrabat/ip-address-middleware": "^2.0",
"cakephp/chronos": "^2.2",
"cocur/slugify": "^4.0",
"doctrine/migrations": "^3.3",
"doctrine/dbal": "^3.1.4",
"doctrine/migrations": "^3.3 <3.3.2",
"doctrine/orm": "^2.9",
"endroid/qr-code": "^4.2",
"geoip2/geoip2": "^2.11",