Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 528
Alerts This Week
Warning Icon 1 528

Mageia 8: 2021-0393 Medium: php-pear Symlink Risk Mitigated

mageia
Calendar Grey August 6, 2021
Dist Mageia Esm H88
The latest php-pear updates on Mageia tackle significant symlink security issues. Ensure your system is protected by upgrading to the newest version.
Updated php-pear packages fix security vulnerability: In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive (CVE-2021-32610)

Summary

Updated php-pear packages fix security vulnerability:
In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive (CVE-2021-32610).

References

- https://bugs.mageia.org/show_bug.cgi?id=29299

- https://www.cve.org/CVERecord?id=CVE-2021-32610

Resolution

SRPMS

- 8/core/php-pear-1.10.12-5.2.mga8

Severity
medium
Lowest
Low
Medium
High
Critical

Publication date: 06 Aug 2021
URL: https://advisories.mageia.org/MGASA-2021-0393.html
Type: security
CVE: CVE-2021-32610

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.