On May 6, 2007 a serious vulnerability in the PEAR installer has been discovered and fixed. One is strongly encouraged to upgrade to version 1.5.4. Details about the issue are available here.
This vulnerability is assigned candidate CVE CVE-2007-2519.