Debian Linux Security Advisory 5715-1 - Two vulnerabilities have been discovered in Composer, a dependency manager for PHP, which could result in arbitrary command execution by operating on malicious git/hg repositories.
47524eaef79a18432c3a4ae5e3acd5c797c5783aef817def7aece996f17e03da