3 matches found
MGASA-2021-0393 Updated php-pear packages fix security vulnerability
Updated php-pear packages fix security vulnerability: In ArchiveTar before 1.4.14, symlinks can refer to targets outside of the extracted archive CVE-2021-32610...
MGASA-2021-0060 Updated php-pear packages fix a security vulnerability
The updated php-pear packages fix a security vulnerability in component Archivetar, a symlink out-of-path write vulnerability. Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links. CVE-2020-36193...
MGASA-2020-0453 Updated php-pear packages fix security vulnerabilities
Filename manipulation vulnerabilities CVE-2020-28948 / CVE-2020-28949 Updated also ArchiveTar to 1.4.11...