[php-maint] Bug#759282: CVE request: php-pear, pear's insecure /tmp/ use for cache data
mmcallis at redhat.com
Tue Aug 26 04:50:09 UTC 2014
It was reported that the pear utility insecurely used the /tmp/
directory for cache data. A local attacker could use this flaw to
perform a symbolic link attack against a user (typically the root user)
running a pear command (such as "pear install").
Could a CVE please be assigned?
Murray McAllister / Red Hat Product Security
More information about the pkg-php-maint