Merge pull request #524 from bgashebr/master

docs(PHPELS-68): update public doc for laravel, phpunit, league-commnmark

Author: sboldyreva

docs/.vuepress/components/ELSTechnology.vue

@@ -1580,7 +1580,7 @@ const techData = [
       },
       {
         name: "League Commonmark",
-        versions: "1.6.7",
+        versions: "1.6.7 | 2.7.1",
         link: "./league-commonmark/",
       },
       {
@@ -1595,7 +1595,7 @@ const techData = [
       },
       {
         name: "PHPUnit",
-        versions: "12.4.5",
+        versions: "6.5.14 | 7.5.20 | 8.4.3 | 9.5.28 | 10.4.2 | 11.4.4 | 12.4.5",
         link: "./phpunit/",
       },
       {

docs/.vuepress/public/images/league-commonmark-logo.webp

@@ -141,45 +141,67 @@ Fixes for the following vulnerabilities are available in ELS for Laravel from Tu
 
 <template #Laravel_5.4>
 
-| CVE ID         | Severity | Vulnerable versions           | Fixed in version    |
-|----------------|----------|-------------------------------|---------------------|
-| CVE-2021-43808 | Medium   | < 6.18.35, < 7.24.0           | 5.4.36-p2+tuxcare   |
+| CVE ID              | Severity | Vulnerable versions                                              | Fixed in version    |
+|---------------------|----------|------------------------------------------------------------------|---------------------|
+| CVE-2021-43808      | Medium   | < 6.18.35, < 7.24.0                                              | 5.4.36-p1+tuxcare   |
+| CVE-2021-21263      | High     | < 6.20.14, < 7.30.4, < 8.24.0                                    | 5.4.36-p2+tuxcare   |
+| GHSA-x7p5-p2c9-phvg | High     | < 6.20.14, < 7.30.4, < 8.24.0                                    | 5.4.36-p2+tuxcare   |
+| GHSA-jwvj-pwww-3mj5 | High     | < 6.20.14, < 7.30.4, < 8.24.0                                    | 5.4.36-p2+tuxcare   |
+| CVE-2017-14775      | Medium   | < 5.5.10                                                         | 5.4.36-p2+tuxcare   |
+| CVE-2017-16894      | High     | <= 5.5.21                                                        | 5.4.36-p2+tuxcare   |
+| CVE-2018-15133      | High     | <= 5.5.40, 5.6.0 - 5.6.29                                        | 5.4.36-p2+tuxcare   |
+| CVE-2024-52301      | High     | < 6.20.45, < 7.30.7, < 8.83.28, < 9.52.17, < 10.48.23, < 11.31.0 | 5.4.36-p2+tuxcare   |
+| CVE-2020-19316      | High     | < 5.8.17                                                         | 5.4.36-p2+tuxcare   |
+| CVE-2020-24941      | High     | < 6.18.35, < 7.24.0                                              | 5.4.36-p2+tuxcare   |
+| CVE-2025-27515      | Medium   | < 11.44.1, < 12.1.1                                              | 5.4.36-p2+tuxcare   |
+| GHSA-7852-w36x-6mf6 | Medium   | < 5.5.40, < 5.6.15                                               | 5.4.36-p2+tuxcare   |
+| GHSA-4mg9-vhxq-vm7j | High     | < 6.20.26, < 7.30.5, < 8.40.0                                    | 5.4.36-p3+tuxcare   |
+| GHSA-wq8p-mqvg-2p5h | High     | < 6.20.26, < 7.30.5, < 8.40.0                                    | 5.4.36-p3+tuxcare   |
 
 </template>
 
 <template #Laravel_5.5>
 
-| CVE ID              | Severity | Vulnerable versions           | Fixed in version    |
-|---------------------|----------|-------------------------------|---------------------|
-| CVE-2021-43808      | Medium   | < 6.18.35, < 7.24.0           | 5.5.50-p1+tuxcare   |
-| CVE-2020-24941      | High     | < 6.18.35, < 7.24.0           | 5.5.50-p1+tuxcare   |
-| GHSA-x7p5-p2c9-phvg | High     | < 6.20.14, < 7.30.4, < 8.24.0 | 5.5.50-p1+tuxcare   |
-| GHSA-qm5c-m76r-2hfr | Critical | < 6.18.31, < 7.22.4           | 5.5.50-p1+tuxcare   |
-| GHSA-4mg9-vhxq-vm7j | High     | < 6.18.35, < 7.24.0           | 5.5.50-p1+tuxcare   |
+| CVE ID              | Severity | Vulnerable versions                                              | Fixed in version    |
+|---------------------|----------|------------------------------------------------------------------|---------------------|
+| CVE-2021-43808      | Medium   | < 6.18.35, < 7.24.0                                              | 5.5.50-p1+tuxcare   |
+| CVE-2020-24941      | High     | < 6.18.35, < 7.24.0                                              | 5.5.50-p1+tuxcare   |
+| GHSA-x7p5-p2c9-phvg | High     | < 6.20.14, < 7.30.4, < 8.24.0                                    | 5.5.50-p1+tuxcare   |
+| GHSA-qm5c-m76r-2hfr | Critical | < 6.18.31, < 7.22.4                                              | 5.5.50-p1+tuxcare   |
+| GHSA-4mg9-vhxq-vm7j | High     | < 6.18.35, < 7.24.0                                              | 5.5.50-p1+tuxcare   |
+| CVE-2024-52301      | High     | < 6.20.45, < 7.30.7, < 8.83.28, < 9.52.17, < 10.48.23, < 11.31.0 | 5.5.50-p1+tuxcare   |
+| CVE-2020-19316      | High     | < 5.8.17                                                         | 5.5.50-p1+tuxcare   |
+| CVE-2025-27515      | Medium   | < 11.44.1, < 12.1.1                                              | 5.5.50-p1+tuxcare   |
 
 </template>
 
 <template #Laravel_5.6>
 
-| CVE ID              | Severity | Vulnerable versions           | Fixed in version    |
-|---------------------|----------|-------------------------------|---------------------|
-| CVE-2021-43808      | Medium   | < 6.18.35, < 7.24.0           | 5.6.40-p1+tuxcare   |
-| CVE-2020-24941      | High     | < 6.18.35, < 7.24.0           | 5.6.40-p1+tuxcare   |
-| GHSA-x7p5-p2c9-phvg | High     | < 6.20.14, < 7.30.4, < 8.24.0 | 5.6.40-p1+tuxcare   |
-| GHSA-qm5c-m76r-2hfr | Critical | < 6.18.31, < 7.22.4           | 5.6.40-p1+tuxcare   |
-| GHSA-4mg9-vhxq-vm7j | High     | < 6.18.35, < 7.24.0           | 5.6.40-p1+tuxcare   |
+| CVE ID              | Severity | Vulnerable versions                                              | Fixed in version    |
+|---------------------|----------|------------------------------------------------------------------|---------------------|
+| CVE-2021-43808      | Medium   | < 6.18.35, < 7.24.0                                              | 5.6.40-p1+tuxcare   |
+| CVE-2020-24941      | High     | < 6.18.35, < 7.24.0                                              | 5.6.40-p1+tuxcare   |
+| GHSA-x7p5-p2c9-phvg | High     | < 6.20.14, < 7.30.4, < 8.24.0                                    | 5.6.40-p1+tuxcare   |
+| GHSA-qm5c-m76r-2hfr | Critical | < 6.18.31, < 7.22.4                                              | 5.6.40-p1+tuxcare   |
+| GHSA-4mg9-vhxq-vm7j | High     | < 6.18.35, < 7.24.0                                              | 5.6.40-p1+tuxcare   |
+| CVE-2024-52301      | High     | < 6.20.45, < 7.30.7, < 8.83.28, < 9.52.17, < 10.48.23, < 11.31.0 | 5.6.40-p1+tuxcare   |
+| CVE-2020-19316      | High     | < 5.8.17                                                         | 5.6.40-p1+tuxcare   |
+| CVE-2025-27515      | Medium   | < 11.44.1, < 12.1.1                                              | 5.6.40-p1+tuxcare   |
 
 </template>
 
 <template #Laravel_5.7>
 
-| CVE ID              | Severity | Vulnerable versions           | Fixed in version    |
-|---------------------|----------|-------------------------------|---------------------|
-| CVE-2021-43808      | Medium   | < 6.18.35, < 7.24.0           | 5.7.29-p1+tuxcare   |
-| CVE-2020-24941      | High     | < 6.18.35, < 7.24.0           | 5.7.29-p1+tuxcare   |
-| GHSA-x7p5-p2c9-phvg | High     | < 6.20.14, < 7.30.4, < 8.24.0 | 5.7.29-p1+tuxcare   |
-| GHSA-qm5c-m76r-2hfr | Critical | < 6.18.31, < 7.22.4           | 5.7.29-p1+tuxcare   |
-| GHSA-4mg9-vhxq-vm7j | High     | < 6.18.35, < 7.24.0           | 5.7.29-p1+tuxcare   |
+| CVE ID              | Severity | Vulnerable versions                                              | Fixed in version    |
+|---------------------|----------|------------------------------------------------------------------|---------------------|
+| CVE-2021-43808      | Medium   | < 6.18.35, < 7.24.0                                              | 5.7.29-p1+tuxcare   |
+| CVE-2020-24941      | High     | < 6.18.35, < 7.24.0                                              | 5.7.29-p1+tuxcare   |
+| GHSA-x7p5-p2c9-phvg | High     | < 6.20.14, < 7.30.4, < 8.24.0                                    | 5.7.29-p1+tuxcare   |
+| GHSA-qm5c-m76r-2hfr | Critical | < 6.18.31, < 7.22.4                                              | 5.7.29-p1+tuxcare   |
+| GHSA-4mg9-vhxq-vm7j | High     | < 6.18.35, < 7.24.0                                              | 5.7.29-p1+tuxcare   |
+| CVE-2024-52301      | High     | < 6.20.45, < 7.30.7, < 8.83.28, < 9.52.17, < 10.48.23, < 11.31.0 | 5.7.29-p1+tuxcare   |
+| CVE-2020-19316      | High     | < 5.8.17                                                         | 5.7.29-p1+tuxcare   |
+| CVE-2025-27515      | Medium   | < 11.44.1, < 12.1.1                                              | 5.7.29-p1+tuxcare   |
 
 </template>
 

docs/els-for-libraries/laravel/README.md

@@ -4,7 +4,7 @@ Endless Lifecycle Support (ELS) for League CommonMark from TuxCare provides secu
 
 ## Supported Versions
 
-* **League CommonMark** 1.6.7
+* **League CommonMark** 1.6.7, 2.7.1
 
 Other versions upon request.
 
@@ -54,11 +54,28 @@ Add the `els_php` Composer repository either via CLI or by editing `composer.jso
 
 Install the TuxCare-maintained League CommonMark release that matches your project:
 
+<TableTabs label="Choose version: " >
+
+<template #League_CommonMark_1.6>
+
 <CodeTabs :tabs="[
-  { title: 'Composer CLI', content: `composer require league/commonmark:1.6.7-p2+tuxcare` },
-  { title: 'composer.json', content: commonmarkjson }
+  { title: 'Composer CLI', content: `composer require league/commonmark:1.6.7-p3+tuxcare` },
+  { title: 'composer.json', content: commonmarkjson16 }
 ]" />
 
+</template>
+
+<template #League_CommonMark_2.7>
+
+<CodeTabs :tabs="[
+  { title: 'Composer CLI', content: `composer require league/commonmark:2.7.1-p1+tuxcare` },
+  { title: 'composer.json', content: commonmarkjson27 }
+]" />
+
+</template>
+
+</TableTabs>
+
 **Check the exact version listed in your TuxCare Nexus account to ensure you receive the most recent patched release.**
 
 If you edited `composer.json` manually, run `composer update` to install the package:
@@ -115,13 +132,23 @@ Fixes for the following vulnerabilities are available in ELS for League CommonMa
 
 <template #League_CommonMark_1.6>
 
-| CVE ID             | Severity | Vulnerable versions | Fixed in version    |
-|--------------------|----------|---------------------|---------------------|
-| CVE-2025-46734     | Medium   | < 2.7.0             | 1.6.7-p2+tuxcare    |
+| CVE ID              | Severity | Vulnerable versions | Fixed in version    |
+|---------------------|----------|---------------------|---------------------|
+| CVE-2026-30838      | High     | < 2.8.1             | 1.6.7-p3+tuxcare    |
+| CVE-2025-46734      | Medium   | < 2.7.0             | 1.6.7-p2+tuxcare    |
 | GHSA-c2pc-g5qf-rfrf | High     | < 2.6.0             | 1.6.7-p1+tuxcare    |
 
 </template>
 
+<template #League_CommonMark_2.7>
+
+| CVE ID         | Severity | Vulnerable versions | Fixed in version    |
+|----------------|----------|---------------------|---------------------|
+| CVE-2026-33347 | High     | < 2.8.2             | 2.7.1-p1+tuxcare    |
+| CVE-2026-30838 | High     | < 2.8.1             | 2.7.1-p1+tuxcare    |
+
+</template>
+
 </TableTabs>
 
 If you are interested in the TuxCare Endless Lifecycle Support, contact [[email protected]](mailto:[email protected]).
@@ -156,10 +183,17 @@ const composerjson =
 const cli =
 `composer config repositories.tuxcare '{"type":"composer","url":"https://nexus.repo.tuxcare.com/repository/els_php/","options":{"http":{"verify":true}}}' --json`
 
-const commonmarkjson =
+const commonmarkjson16 =
+`{
+    "require": {
+        "league/commonmark": "1.6.7-p3+tuxcare"
+    }
+}`
+
+const commonmarkjson27 =
 `{
     "require": {
-        "league/commonmark": "1.6.7-p2+tuxcare"
+        "league/commonmark": "2.7.1-p1+tuxcare"
     }
 }`