php-pear 1:1.10.1+submodules+notgz-6ubuntu0.3 source package in Ubuntu
Changelog
php-pear (1:1.10.1+submodules+notgz-6ubuntu0.3) xenial-security; urgency=medium * SECURITY UPDATE: directory traversal attack in Archive_Tar - debian/patches/CVE-2020-36193-1.patch: disallow symlinks to out-of-path filenames in submodules/Archive_Tar/Archive/Tar.php. - debian/patches/CVE-2020-36193-2.patch: fix out-of-path check for virtual relative symlink in submodules/Archive_Tar/Archive/Tar.php. - debian/patches/CVE-2020-36193-3.patch: PHP compat fix in submodules/Archive_Tar/Archive/Tar.php.. - CVE-2020-36193 -- Marc Deslauriers <email address hidden> Thu, 04 Feb 2021 10:38:49 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- php
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Xenial | updates | main | php | |
Xenial | security | main | php |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
php-pear_1.10.1+submodules+notgz.orig.tar.gz | 2.1 MiB | a9ec24292beb2a8caf1b42c0ed801d0105afc63c7dcc57449f12e54caecc815c |
php-pear_1.10.1+submodules+notgz-6ubuntu0.3.debian.tar.xz | 7.2 KiB | 86cf5685875b3485593202c1a8426bc583e1c3b26de2a433bbe680f4e2f46071 |
php-pear_1.10.1+submodules+notgz-6ubuntu0.3.dsc | 2.1 KiB | 439ba12d908289c6d1db7a01dbecc8b426f5bd649820c5eae88cbbdbd129f203 |
Available diffs
Binary packages built by this source
- php-pear: PEAR Base System
The PEAR package contains:
* the PEAR installer, for creating, distributing
and installing packages
* the PEAR_Exception PHP error handling mechanism
* the PEAR_ErrorStack advanced error handling mechanism
* the PEAR_Error error handling mechanism
* the OS_Guess class for retrieving info about the OS
where PHP is running on
* the System class for quick handling of common operations
with files and directories
* the PEAR base class
Features in a nutshell:
* full support for channels
* pre-download dependency validation
* new package.xml 2.0 format allows tremendous flexibility while maintaining
BC
* support for optional dependency groups and limited support for
sub-packaging
* robust dependency support
* full dependency validation on uninstall
* remote install for hosts with only ftp access - no more problems with
restricted host installation
* full support for mirroring
* support for bundling several packages into a single tarball
* support for static dependencies on a url-based package
* support for custom file roles and installation tasks