Release | Version |
---|---|
bullseye | 1:1.10.12+submodules+notgz+20210212-1 |
bookworm | 1:1.10.13+submodules+notgz+2022032202-2 |
trixie | 1:1.10.13+submodules+notgz+2022032202-2 |
sid | 1:1.10.13+submodules+notgz+2022032202-2 |
Bug | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|
CVE-2021-32610 | vulnerable (no DSA) | fixed | fixed | fixed | In Archive_Tar before 1.4.14, symlinks can refer to targets outside of ... |
Bug | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|
CVE-2017-5630 | vulnerable | vulnerable | vulnerable | vulnerable | PECL in the download utility class in the Installer in PEAR Base Syste ... |
Bug | Description |
---|---|
CVE-2020-36193 | Tar.php in Archive_Tar through 1.4.11 allows write operations with Dir ... |
CVE-2020-28949 | Archive_Tar through 1.4.10 has :// filename sanitization only to addre ... |
CVE-2020-28948 | Archive_Tar through 1.4.10 allows an unserialization attack because ph ... |
CVE-2018-1000888 | PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 ... |
DSA / DLA | Description |
---|---|
DSA-4894-1 | php-pear - security update |
DLA-2621-1 | php-pear - security update |
DSA-4817-1 | php-pear - security update |
DLA-2465-1 | php-pear - security update |
DSA-4378-1 | php-pear - security update |