MGASA-2021-0393 - Updated php-pear packages fix security vulnerability

Publication date: 06 Aug 2021
URL: https://advisories.mageia.org/MGASA-2021-0393.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-32610

Updated php-pear packages fix security vulnerability:

In Archive_Tar before 1.4.14, symlinks can refer to targets outside
of the extracted archive (CVE-2021-32610).

References:
- https://bugs.mageia.org/show_bug.cgi?id=29299
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32610

SRPMS:
- 8/core/php-pear-1.10.12-5.2.mga8