Bugs fixes in "php-pear"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2020-28948 | Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. | 2020-12-01 |
| CVE | CVE-2020-2894 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.4 | 2020-12-01 |
| CVE | CVE-2020-28949 | Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to o | 2020-12-01 |
| CVE | CVE-2020-28948 | Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. | 2020-12-01 |
| CVE | CVE-2020-2894 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.4 | 2020-12-01 |
| CVE | CVE-2020-28949 | Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to o | 2020-12-01 |
| CVE | CVE-2020-28948 | Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. | 2020-12-01 |
| CVE | CVE-2020-2894 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.4 | 2020-12-01 |
| CVE | CVE-2018-1000888 | PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with | 2019-01-14 |
| CVE | CVE-2018-1000888 | PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with | 2019-01-14 |
| CVE | CVE-2018-1000888 | PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with | 2019-01-14 |
| CVE | CVE-2018-1000888 | PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with | 2019-01-14 |
About
-
Send Feedback to @ubuntu_updates
