Information on source package php-pear

Available versions

ReleaseVersion
stretch1:1.10.1+submodules+notgz-9+deb9u3
buster1:1.10.6+submodules+notgz-1.1+deb10u2
bullseye1:1.10.12+submodules+notgz+20210212-1
bookworm1:1.10.13+submodules+notgz+2022032202-2
trixie1:1.10.13+submodules+notgz+2022032202-2
sid1:1.10.13+submodules+notgz+2022032202-2

Open issues

BugstretchbusterbullseyebookwormtrixiesidDescription
CVE-2021-32610vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedIn Archive_Tar before 1.4.14, symlinks can refer to targets outside of ...

Open unimportant issues

BugstretchbusterbullseyebookwormtrixiesidDescription
CVE-2017-5630vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablePECL in the download utility class in the Installer in PEAR Base Syste ...

Resolved issues

BugDescription
CVE-2020-36193Tar.php in Archive_Tar through 1.4.11 allows write operations with Dir ...
CVE-2020-28949Archive_Tar through 1.4.10 has :// filename sanitization only to addre ...
CVE-2020-28948Archive_Tar through 1.4.10 allows an unserialization attack because ph ...
CVE-2018-1000888PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 ...

Security announcements

DSA / DLADescription
DSA-4894-1php-pear - security update
DLA-2621-1php-pear - security update
DSA-4817-1php-pear - security update
DLA-2465-1php-pear - security update
DSA-4378-1php-pear - security update

Search for package or bug name: Reporting problems