Advisories » MGASA-2021-0393

Updated php-pear packages fix security vulnerability

Publication date: 06 Aug 2021
Modification date: 06 Aug 2021
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-32610

Description

Updated php-pear packages fix security vulnerability:

In Archive_Tar before 1.4.14, symlinks can refer to targets outside
of the extracted archive (CVE-2021-32610).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=29299
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32610

SRPMS

8/core

• php-pear-1.10.12-5.2.mga8