php-pear-1.9.4-4.AXS4
エラータID: AXSA:2012-73:01
Release date:
Monday, February 6, 2012 - 20:03
Subject:
php-pear-1.9.4-4.AXS4
Affected Channels:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
Low
Description:
PEAR is a framework and distribution system for reusable PHP components. This package contains the basic PEAR components.
Security issues fixed with this release:
CVE-2011-1072
The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519.
Solution:
Update packages.
CVEs:
CVE-2011-1072
The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519.
The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519.
Additional Info:
N/A
Download:
SRPMS
- php-pear-1.9.4-4.AXS4.src.rpm
MD5: a44d6f81113ae0e7c8ff7470bc4ae3d9
SHA-256: fb2bc4c4fe808cef8493b0b5a793126cabd9059bcf16a7b7923412000ecd78c4
Size: 407.38 kB
Asianux Server 4 for x86
- php-pear-1.9.4-4.AXS4.noarch.rpm
MD5: d5e93e08411fa62ee9bf8b8c4dde6d9e
SHA-256: 71c31153f8d09c09c5fe626b23725b0b1c45f56600c32107e2a1e682b9eeb536
Size: 392.61 kB
Asianux Server 4 for x86_64
- php-pear-1.9.4-4.AXS4.noarch.rpm
MD5: 98e67ce935368fa5da3a25d3c4a91508
SHA-256: 157bd46dfbdb731ca7d6c672058132791a413b36f93da8406debd4edb8ac00eb
Size: 392.08 kB
日本語