This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

PHP Pear COMPROMISED

1 post / 0 new

Topic locked

#1 Thu, 01/24/2019 - 07:27

ucchino

PHP Pear COMPROMISED

Apparently PHP Pear could be infected. I refer to the pear site: http://pear.php.net/

A security breach has been found on the http://pear.php.net webserver, with a tainted go-pear.phar discovered. The PEAR website itself has been disabled until a known clean site can be rebuilt. A more detailed announcement will be on the PEAR Blog once it's back online.

If you have downloaded this go-pear.phar in the past six months, you should get a new copy of the same release version from GitHub (pear/pearweb_phars) and compare file hashes. If different, you may have the infected file.

To date, the site is offline