[arch-general] php-pear compromised

Amish anon.amish at gmail.com
Thu Jan 24 04:24:58 UTC 2019

On 24/01/19 2:46 am, ProgAndy wrote:
> Am 23.01.19 um 22:08 schrieb Andy Pieters:
>> Any of you seen the news about php-pear?
>> There's an AUR package that downloads from pear.php.net so if that was
>> within the last 6 months it could have been the compromised one?
>> https://thehackernews.com/2019/01/php-pear-hacked.html
> Please read the note in the aur comments.
> https://aur.archlinux.org/packages/php-pear/
> Pierre commented on 2019-01-20 08:55
>> Warning: The change in checksum was due to a security breach > at
> PEAR. The PEAR installer was tainted:
>> https://mobile.twitter.com/pear/status/1086634503731404800
>> You were affected if you installed php-pear 1:1.10.7-2

php-pear AUR package used install-pear-nozlib.phar.

As per this twitter link "nozlib" file was not "harmed"

So "hopefully" installing that package did not do anything malicious.



More information about the arch-general mailing list