Publishing details

• Created on 2021-07-28 by Ubuntu Archive Auto-Sync
• Removal requested on 2022-07-23.
• Published on 2021-07-28

Changelog

php-pear (1:1.10.12+submodules+notgz+20210212-1ubuntu1) impish; urgency=medium

  * SECURITY REGRESSIONS:
    - debian/patches/CVE-2020-36193-2.patch: fix out-of-path check for
      virtual relative symlink in submodules/Archive_Tar/Archive/Tar.php.
    - debian/patches/CVE-2020-36193-3.patch: PHP compat fix in
      submodules/Archive_Tar/Archive/Tar.php.
  * SECURITY UPDATE: incorrect symlink extraction
    - debian/patches/CVE-2021-32610.patch: properly fix symbolic link path
      traversal in submodules/Archive_Tar/Archive/Tar.php.
    - CVE-2021-32610

 -- Marc Deslauriers <email address hidden>  Wed, 28 Jul 2021 10:39:27 -0400

Builds

• amd64

Package files

• php-pear_1.10.12+submodules+notgz+20210212-1ubuntu1.debian.tar.xz (7.9 KiB)
• php-pear_1.10.12+submodules+notgz+20210212-1ubuntu1.dsc (2.2 KiB)
• php-pear_1.10.12+submodules+notgz+20210212-1ubuntu1_all.deb (285.7 KiB)
• php-pear_1.10.12+submodules+notgz+20210212.orig.tar.gz (2.1 MiB)