Publishing details
Changelog
php-pear (1:1.10.12+submodules+notgz+20210212-1ubuntu1) impish; urgency=medium
* SECURITY REGRESSIONS:
- debian/patches/CVE-2020-36193-2.patch: fix out-of-path check for
virtual relative symlink in submodules/Archive_Tar/Archive/Tar.php.
- debian/patches/CVE-2020-36193-3.patch: PHP compat fix in
submodules/Archive_Tar/Archive/Tar.php.
* SECURITY UPDATE: incorrect symlink extraction
- debian/patches/CVE-2021-32610.patch: properly fix symbolic link path
traversal in submodules/Archive_Tar/Archive/Tar.php.
- CVE-2021-32610
-- Marc Deslauriers <email address hidden> Wed, 28 Jul 2021 10:39:27 -0400
Builds
Package files