Fedora 15 : php-pear-1.9.2-1.fc15 (2011-2367)

This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

Upstream Changelog :

Important! This is a security fix release. The advisory can be found
at http://pear.php.net/advisory-20110228.txt

Bugs :

- Fixed Bug #17463: Regression: On Windows, svntag [patch
by doconnor]

- Fixed Bug #17641: pecl-list doesn't sort packages by
name [dufuz]

- Fixed Bug #17781: invalid argument warning on foreach
due to an empty optional dependencie [dufuz]

- Fixed Bug #17801: PEAR run-tests wrongly detects
php-cgi [patch by David Jean Louis (izi)]

- Fixed Bug #17839: pear svntag does not tag package.xml
file [dufuz]

- Fixed Bug #17986: PEAR Installer cannot handle files
moved between packages [dufuz]

- Fixed Bug #17997: Strange output if directories are
not writeable [dufuz]

- Fixed Bug #18001: PEAR/RunTest coverage fails [dufuz]

- Fixed Bug #18056 [SECURITY]: Symlink attack in PEAR
install [dufuz]

- Fixed Bug #18218: 'pear package' does not allow the
use of late static binding [dufuz and Christer
Edvartsen]

- Fixed Bug #18238: Wrong return code from 'pear help'
[till]

- Fixed Bug #18308: Broken error message about missing
channel validator [yunosh]

This feature is implemented as a result of #18056

- Implemented Request #16648: Use TMPDIR for builds
instead of /var/tmp [dufuz]

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://pear.php.net/advisory-20110228.txt
http://www.nessus.org/u?5bc07b01

Solution :

Update the affected php-pear package.

Risk factor :

Low / CVSS Base Score : 3.3
(CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:P)
CVSS Temporal Score : 2.9
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Fedora Local Security Checks

Nessus Plugin ID: 52759 ()

Bugtraq ID: 46605

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now