This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.
The remote Fedora host is missing a security update.
Upstream Changelog :
Important! This is a security fix release. The advisory can be found
- Fixed Bug #17463: Regression: On Windows, svntag [patch
- Fixed Bug #17641: pecl-list doesn't sort packages by
- Fixed Bug #17781: invalid argument warning on foreach
due to an empty optional dependencie [dufuz]
- Fixed Bug #17801: PEAR run-tests wrongly detects
php-cgi [patch by David Jean Louis (izi)]
- Fixed Bug #17839: pear svntag does not tag package.xml
- Fixed Bug #17986: PEAR Installer cannot handle files
moved between packages [dufuz]
- Fixed Bug #17997: Strange output if directories are
not writeable [dufuz]
- Fixed Bug #18001: PEAR/RunTest coverage fails [dufuz]
- Fixed Bug #18056 [SECURITY]: Symlink attack in PEAR
- Fixed Bug #18218: 'pear package' does not allow the
use of late static binding [dufuz and Christer
- Fixed Bug #18238: Wrong return code from 'pear help'
- Fixed Bug #18308: Broken error message about missing
channel validator [yunosh]
This feature is implemented as a result of #18056
- Implemented Request #16648: Use TMPDIR for builds
instead of /var/tmp [dufuz]
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
See also :
Update the affected php-pear package.
Risk factor :
Low / CVSS Base Score : 3.3
CVSS Temporal Score : 2.9
Public Exploit Available : true