Ubuntu
php-pear package

Change log for php-pear package in Ubuntu

134 of 34 results FirstPreviousNextLast
Published in oracular-release
Published in noble-release
Published in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
php-pear (1:1.10.13+submodules+notgz+2022032202-2build1) mantic; urgency=medium

  * No change rebuild for php8.2

 -- Athos Ribeiro <email address hidden>  Fri, 19 May 2023 08:08:46 -0300
Superseded in mantic-release
Published in lunar-release
Obsolete in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
php-pear (1:1.10.13+submodules+notgz+2022032202-2) unstable; urgency=medium

  [ Joseph Nahmias]
  * Team upload to unstable

  [ Ondřej Surý ]
  * Revert "Update debian/php-pear.substvars-static" (Closes: #1008180)

 -- Joseph Nahmias <email address hidden>  Wed, 23 Mar 2022 21:58:01 -0400
Superseded in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
php-pear (1:1.10.12+submodules+notgz+20210212-1ubuntu3) jammy; urgency=medium

  * No change rebuild for updated php-defaults

 -- Bryce Harrington <email address hidden>  Mon, 25 Oct 2021 21:19:29 +0000
Superseded in jammy-proposed 
php-pear (1:1.10.12+submodules+notgz+20210212-1ubuntu2) jammy; urgency=medium

  * No change rebuild for PHP 8.1

 -- Bryce Harrington <email address hidden>  Thu, 21 Oct 2021 18:56:11 +0000
Obsolete in hirsute-updates
Obsolete in hirsute-security 
php-pear (1:1.10.9+submodules+notgz-1.1ubuntu1.1) hirsute-security; urgency=medium

  * SECURITY UPDATE: incorrect symlink extraction
    - debian/patches/CVE-2021-32610.patch: properly fix symbolic link path
      traversal in submodules/Archive_Tar/Archive/Tar.php.
    - CVE-2021-32610

 -- Marc Deslauriers <email address hidden>  Wed, 28 Jul 2021 10:47:32 -0400
Published in bionic-updates
Published in bionic-security 
php-pear (1:1.10.5+submodules+notgz-1ubuntu1.18.04.4) bionic-security; urgency=medium

  * SECURITY UPDATE: incorrect symlink extraction
    - debian/patches/CVE-2021-32610.patch: properly fix symbolic link path
      traversal in submodules/Archive_Tar/Archive/Tar.php.
    - CVE-2021-32610

 -- Marc Deslauriers <email address hidden>  Wed, 28 Jul 2021 10:48:51 -0400
Published in focal-updates
Published in focal-security 
php-pear (1:1.10.9+submodules+notgz-1ubuntu0.20.04.3) focal-security; urgency=medium

  * SECURITY UPDATE: incorrect symlink extraction
    - debian/patches/CVE-2021-32610.patch: properly fix symbolic link path
      traversal in submodules/Archive_Tar/Archive/Tar.php.
    - CVE-2021-32610

 -- Marc Deslauriers <email address hidden>  Wed, 28 Jul 2021 10:48:22 -0400
Superseded in jammy-release
Obsolete in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
php-pear (1:1.10.12+submodules+notgz+20210212-1ubuntu1) impish; urgency=medium

  * SECURITY REGRESSIONS:
    - debian/patches/CVE-2020-36193-2.patch: fix out-of-path check for
      virtual relative symlink in submodules/Archive_Tar/Archive/Tar.php.
    - debian/patches/CVE-2020-36193-3.patch: PHP compat fix in
      submodules/Archive_Tar/Archive/Tar.php.
  * SECURITY UPDATE: incorrect symlink extraction
    - debian/patches/CVE-2021-32610.patch: properly fix symbolic link path
      traversal in submodules/Archive_Tar/Archive/Tar.php.
    - CVE-2021-32610

 -- Marc Deslauriers <email address hidden>  Wed, 28 Jul 2021 10:39:27 -0400
Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
php-pear (1:1.10.12+submodules+notgz+20210212-1) unstable; urgency=medium

  [ Ondřej Surý ]
  * (CVE-2020-36193) Update Archive_Tar to 1.4.12 (Closes: #980428)
  * Remove .gitattributes from submodules as it breaks our build

  [ Mathieu Parent ]
  * Remove all *.tgz files, to ease copyright review

 -- Ondřej Surý <email address hidden>  Fri, 12 Feb 2021 09:05:38 +0100
Superseded in bionic-updates
Superseded in bionic-security 
php-pear (1:1.10.5+submodules+notgz-1ubuntu1.18.04.3) bionic-security; urgency=medium

  * SECURITY UPDATE: directory traversal attack in Archive_Tar
    - debian/patches/CVE-2020-36193-1.patch: disallow symlinks to
      out-of-path filenames in submodules/Archive_Tar/Archive/Tar.php.
    - debian/patches/CVE-2020-36193-2.patch: fix out-of-path check for
      virtual relative symlink in submodules/Archive_Tar/Archive/Tar.php.
    - debian/patches/CVE-2020-36193-3.patch: PHP compat fix in
      submodules/Archive_Tar/Archive/Tar.php..
    - CVE-2020-36193

 -- Marc Deslauriers <email address hidden>  Thu, 04 Feb 2021 10:38:05 -0500
Published in xenial-updates
Published in xenial-security 
php-pear (1:1.10.1+submodules+notgz-6ubuntu0.3) xenial-security; urgency=medium

  * SECURITY UPDATE: directory traversal attack in Archive_Tar
    - debian/patches/CVE-2020-36193-1.patch: disallow symlinks to
      out-of-path filenames in submodules/Archive_Tar/Archive/Tar.php.
    - debian/patches/CVE-2020-36193-2.patch: fix out-of-path check for
      virtual relative symlink in submodules/Archive_Tar/Archive/Tar.php.
    - debian/patches/CVE-2020-36193-3.patch: PHP compat fix in
      submodules/Archive_Tar/Archive/Tar.php..
    - CVE-2020-36193

 -- Marc Deslauriers <email address hidden>  Thu, 04 Feb 2021 10:38:49 -0500
Obsolete in groovy-updates
Obsolete in groovy-security 
php-pear (1:1.10.9+submodules+notgz-1ubuntu0.20.10.2) groovy-security; urgency=medium

  * SECURITY UPDATE: directory traversal attack in Archive_Tar
    - debian/patches/CVE-2020-36193-1.patch: disallow symlinks to
      out-of-path filenames in submodules/Archive_Tar/Archive/Tar.php.
    - debian/patches/CVE-2020-36193-2.patch: fix out-of-path check for
      virtual relative symlink in submodules/Archive_Tar/Archive/Tar.php.
    - debian/patches/CVE-2020-36193-3.patch: PHP compat fix in
      submodules/Archive_Tar/Archive/Tar.php..
    - CVE-2020-36193

 -- Marc Deslauriers <email address hidden>  Thu, 04 Feb 2021 10:36:47 -0500
Superseded in focal-updates
Superseded in focal-security 
php-pear (1:1.10.9+submodules+notgz-1ubuntu0.20.04.2) focal-security; urgency=medium

  * SECURITY UPDATE: directory traversal attack in Archive_Tar
    - debian/patches/CVE-2020-36193-1.patch: disallow symlinks to
      out-of-path filenames in submodules/Archive_Tar/Archive/Tar.php.
    - debian/patches/CVE-2020-36193-2.patch: fix out-of-path check for
      virtual relative symlink in submodules/Archive_Tar/Archive/Tar.php.
    - debian/patches/CVE-2020-36193-3.patch: PHP compat fix in
      submodules/Archive_Tar/Archive/Tar.php..
    - CVE-2020-36193

 -- Marc Deslauriers <email address hidden>  Thu, 04 Feb 2021 10:37:22 -0500
Superseded in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
php-pear (1:1.10.9+submodules+notgz-1.1ubuntu1) hirsute; urgency=medium

  * SECURITY UPDATE: directory traversal attack in Archive_Tar
    - debian/patches/CVE-2020-36193-1.patch: disallow symlinks to
      out-of-path filenames in submodules/Archive_Tar/Archive/Tar.php.
    - debian/patches/CVE-2020-36193-2.patch: fix out-of-path check for
      virtual relative symlink in submodules/Archive_Tar/Archive/Tar.php.
    - debian/patches/CVE-2020-36193-3.patch: PHP compat fix in
      submodules/Archive_Tar/Archive/Tar.php..
    - CVE-2020-36193

 -- Marc Deslauriers <email address hidden>  Thu, 04 Feb 2021 10:30:44 -0500
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
php-pear (1:1.10.9+submodules+notgz-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * ensure we catch additional malicious/crafted filenames (CVE-2020-28948,
    CVE-2020-28949) (Closes: #976108)

 -- Salvatore Bonaccorso <email address hidden>  Sun, 06 Dec 2020 14:40:37 +0100
Superseded in bionic-updates
Superseded in bionic-security 
php-pear (1:1.10.5+submodules+notgz-1ubuntu1.18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: unserialization attack in Archive_Tar
    - debian/patches/CVE-2020-2894x.patch: catch additional malicious or
      crafted filenames in submodules/Archive_Tar/Archive/Tar.php.
    - CVE-2020-28948
    - CVE-2020-28949

 -- Marc Deslauriers <email address hidden>  Mon, 30 Nov 2020 10:02:42 -0500
Superseded in xenial-updates
Superseded in xenial-security 
php-pear (1:1.10.1+submodules+notgz-6ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: unserialization attack in Archive_Tar
    - debian/patches/CVE-2020-2894x.patch: catch additional malicious or
      crafted filenames in submodules/Archive_Tar/Archive/Tar.php.
    - CVE-2020-28948
    - CVE-2020-28949

 -- Marc Deslauriers <email address hidden>  Mon, 30 Nov 2020 10:03:12 -0500
Superseded in focal-updates
Superseded in focal-security 
php-pear (1:1.10.9+submodules+notgz-1ubuntu0.20.04.1) focal-security; urgency=medium

  * SECURITY UPDATE: unserialization attack in Archive_Tar
    - debian/patches/CVE-2020-2894x.patch: catch additional malicious or
      crafted filenames in submodules/Archive_Tar/Archive/Tar.php.
    - CVE-2020-28948
    - CVE-2020-28949

 -- Marc Deslauriers <email address hidden>  Mon, 30 Nov 2020 09:55:16 -0500
Superseded in groovy-updates
Superseded in groovy-security 
php-pear (1:1.10.9+submodules+notgz-1ubuntu0.20.10.1) groovy-security; urgency=medium

  * SECURITY UPDATE: unserialization attack in Archive_Tar
    - debian/patches/CVE-2020-2894x.patch: catch additional malicious or
      crafted filenames in submodules/Archive_Tar/Archive/Tar.php.
    - CVE-2020-28948
    - CVE-2020-28949

 -- Marc Deslauriers <email address hidden>  Mon, 30 Nov 2020 09:55:16 -0500
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
php-pear (1:1.10.9+submodules+notgz-1ubuntu1) hirsute; urgency=medium

  * SECURITY UPDATE: unserialization attack in Archive_Tar
    - debian/patches/CVE-2020-2894x.patch: catch additional malicious or
      crafted filenames in submodules/Archive_Tar/Archive/Tar.php.
    - CVE-2020-28948
    - CVE-2020-28949

 -- Marc Deslauriers <email address hidden>  Mon, 30 Nov 2020 09:55:16 -0500
Superseded in hirsute-release
Obsolete in groovy-release
Published in focal-release
Obsolete in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
php-pear (1:1.10.9+submodules+notgz-1) unstable; urgency=low

  [ Ondřej Surý ]
  * Update PEAR to 1.10.8
  * Update Archive_Tar to 1.4.6
  * Update Console_Getopt to 1.4.2
  * Update maintainer address
  * Update gbp.conf for salsa and enable pristine-tar
  * Bump policy to recent version (no change)

  [ Mathieu Parent ]
  * Update PEAR to 1.10.9
    - Fixes count() on non Countable (Closes: #890433)
  * Update Archive_Tar to 1.4.7
  * Update Structures_Graph to v1.1.1 + 1 minor patch
  * Add debian/README.source
  * Fix package-uses-deprecated-source-override-location
  * Fix insecure-copyright-format-uri
  * Fix debian-watch-uses-insecure-uri
  * Bump debhelper compat to 12
  * Update debian/php-pear.substvars-static
  * Fix manpage-has-errors-from-man
  * Standards-Version: 4.4.0
  * Add debian/salsa-ci.yml
  * Implement the SOURCE_DATE_EPOCH specification (Closes: #750697)

 -- Mathieu Parent <email address hidden>  Thu, 01 Aug 2019 23:15:22 +0200
Superseded in eoan-release
Obsolete in disco-release
Deleted in disco-proposed (Reason: moved to release) 
php-pear (1:1.10.6+submodules+notgz-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Don't allow filenames to start with phar:// (CVE-2018-1000888)
    (Closes: #919147)

 -- Salvatore Bonaccorso <email address hidden>  Sun, 13 Jan 2019 11:49:26 +0100
Superseded in bionic-updates
Superseded in bionic-security 
php-pear (1:1.10.5+submodules+notgz-1ubuntu1.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: unserialization vulnerability in Archive_Tar
    - debian/patches/CVE-2018-1000888.patch: don't allow filenames to start
      with phar:// in submodules/Archive_Tar/Archive/Tar.php.
    - CVE-2018-1000888

 -- Marc Deslauriers <email address hidden>  Fri, 11 Jan 2019 13:23:21 -0500
Obsolete in cosmic-updates
Obsolete in cosmic-security 
php-pear (1:1.10.5+submodules+notgz-1ubuntu1.18.10.1) cosmic-security; urgency=medium

  * SECURITY UPDATE: unserialization vulnerability in Archive_Tar
    - debian/patches/CVE-2018-1000888.patch: don't allow filenames to start
      with phar:// in submodules/Archive_Tar/Archive/Tar.php.
    - CVE-2018-1000888

 -- Marc Deslauriers <email address hidden>  Fri, 11 Jan 2019 13:19:50 -0500
Superseded in xenial-updates
Superseded in xenial-security 
php-pear (1:1.10.1+submodules+notgz-6ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: unserialization vulnerability in Archive_Tar
    - debian/patches/CVE-2018-1000888.patch: don't allow filenames to start
      with phar:// in submodules/Archive_Tar/Archive/Tar.php.
    - CVE-2018-1000888

 -- Marc Deslauriers <email address hidden>  Fri, 11 Jan 2019 13:24:22 -0500
Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
php-pear (1:1.10.6+submodules+notgz-1) unstable; urgency=medium

  * Update PEAR to 10.1.6

 -- Ondřej Surý <email address hidden>  Mon, 01 Oct 2018 12:15:44 +0000
Superseded in disco-release
Obsolete in cosmic-release
Published in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
php-pear (1:1.10.5+submodules+notgz-1ubuntu1) bionic; urgency=medium

  * debian/patches/php72_count_of_notcountable.patch: PHP7.2 warns when
    count() is called on non-Countable.

 -- Nishanth Aravamudan <email address hidden>  Wed, 14 Feb 2018 10:22:41 -0800
Superseded in bionic-release
Obsolete in artful-release
Deleted in artful-proposed (Reason: moved to release) 
php-pear (1:1.10.5+submodules+notgz-1) unstable; urgency=medium

  * Update PEAR to 1.10.5
  * Update Archive_Tar to 1.4.3
  * Update XML_Util to 1.4.3

 -- Ondřej Surý <email address hidden>  Thu, 10 Aug 2017 23:19:49 +0200
Superseded in artful-release
Obsolete in zesty-release
Deleted in zesty-proposed (Reason: moved to release) 
php-pear (1:1.10.1+submodules+notgz-9) unstable; urgency=medium

  * Fix Vcs-* fields (was pointing to pkg-php-tools)
  * Standards-Version: 3.9.8, no change

 -- Mathieu Parent <email address hidden>  Wed, 25 Jan 2017 07:48:36 +0100
Superseded in zesty-release
Obsolete in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release) 
php-pear (1:1.10.1+submodules+notgz-8) unstable; urgency=medium

  * Remove /usr/share/php/{.depdb,.filemap}
    - As they would be outdated.
    - This also fixes the last remaining FTBR

 -- Mathieu Parent <email address hidden>  Sun, 24 Apr 2016 00:54:49 +0200
Superseded in yakkety-release
Published in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
php-pear (1:1.10.1+submodules+notgz-6) unstable; urgency=medium

  * Add mv_conffile to move existing /etc/pear.conf to /etc/pear/pear.conf

 -- Ondřej Surý <email address hidden>  Tue, 22 Mar 2016 09:48:02 +0100
Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
php-pear (1:1.10.1+submodules+notgz-4) unstable; urgency=medium

  * pecl command needs to run without -n to pickup default PHP cli
    configuration, so XML module gets loaded
  * php-pear needs to pull XML extension as packaged in php-xml both into
    Depends and Build-Depends

 -- Ondřej Surý <email address hidden>  Thu, 03 Mar 2016 11:17:21 +0100
Superseded in xenial-proposed
Superseded in xenial-proposed
Superseded in xenial-proposed 
php-pear (1:1.10.1+submodules+notgz-3~build2) xenial; urgency=medium

  * No-change rebuild to build in universe and clear a wrong dep-wait.

 -- Steve Langasek <email address hidden>  Thu, 18 Feb 2016 19:39:15 +0000
Superseded in xenial-proposed 
php-pear (1:1.10.1+submodules+notgz-3~build1) xenial; urgency=medium

  * Upload from the Debian NEW queue.  LP: #1543324.

 -- Steve Langasek <email address hidden>  Thu, 18 Feb 2016 03:54:18 -0800
134 of 34 results FirstPreviousNextLast