php-pear 1:1.10.5+submodules+notgz-1ubuntu1.18.04.1 source package in Ubuntu
Changelog
php-pear (1:1.10.5+submodules+notgz-1ubuntu1.18.04.1) bionic-security; urgency=medium
* SECURITY UPDATE: unserialization vulnerability in Archive_Tar
- debian/patches/CVE-2018-1000888.patch: don't allow filenames to start
with phar:// in submodules/Archive_Tar/Archive/Tar.php.
- CVE-2018-1000888
-- Marc Deslauriers <email address hidden> Fri, 11 Jan 2019 13:23:21 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- php
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| php-pear_1.10.5+submodules+notgz.orig.tar.gz | 2.1 MiB | c47dff694bc69768c197d7b965aa6032a4243e40bafb30b400c2d32f959d3be0 |
| php-pear_1.10.5+submodules+notgz-1ubuntu1.18.04.1.debian.tar.xz | 6.7 KiB | 84553981076784ed4c7cb8273948df4775986383055f5a1ea259cd012148d203 |
| php-pear_1.10.5+submodules+notgz-1ubuntu1.18.04.1.dsc | 2.1 KiB | 629c6d8ac44925dfcdab8c8955c77c37247eaee0eb5d6c5848f73adf07c06648 |
Available diffs
Binary packages built by this source
- php-pear: PEAR Base System
The PEAR package contains:
* the PEAR installer, for creating, distributing
and installing packages
* the PEAR_Exception PHP error handling mechanism
* the PEAR_ErrorStack advanced error handling mechanism
* the PEAR_Error error handling mechanism
* the OS_Guess class for retrieving info about the OS
where PHP is running on
* the System class for quick handling of common operations
with files and directories
* the PEAR base class
Features in a nutshell:
* full support for channels
* pre-download dependency validation
* new package.xml 2.0 format allows tremendous flexibility while maintaining
BC
* support for optional dependency groups and limited support for
sub-packaging
* robust dependency support
* full dependency validation on uninstall
* remote install for hosts with only ftp access - no more problems with
restricted host installation
* full support for mirroring
* support for bundling several packages into a single tarball
* support for static dependencies on a url-based package
* support for custom file roles and installation tasks
