PEAR - PHP Extension and Application Repository

» What is it?

PEAR is a framework and distribution system for reusable PHP components.

Sounds good? Perhaps you might want to know about installing PEAR on your system or installing pear packages.

You can find help using PEAR packages in the online manual and the FAQ.

If you have been told by other PEAR developers to sign up for a PEAR website account, you can use this interface.

» Hot off the Press

Security Vulnerability Announcement: Archive_Tar

A vulnerability in the Archive_Tar package has been found which potentially allows remote code execution.

A new release of the package is available which fixes this issue. One is strongly encouraged to upgrade to it by using:

$ pear upgrade Archive_Tar-1.4.4

Thanks to Fariskhi Vidyan who reported this issue.

Security Vulnerability Announcement: HTML_QuickForm

A vulnerability in the HTML_QuickForm package has been found which potentially allows remote code execution.

A new release of the package is available which fixes this issue. One is strongly encouraged to upgrade to it by using:

$ pear upgrade HTML_QuickForm-3.2.15

Thanks to Patrick Fingle and the CiviCRM Security Team who reported this issue.

CVECVE-2018-1999022

Security Vulnerability Announcement: HTML_AJAX

Another vulnerability in the HTML_AJAX package has been found which potentially allows remote code execution.

An new release of the package is available which fixes this issue. One is strongly encouraged to upgrade to it by using:

$ pear upgrade HTML_AJAX-0.5.8

This issue is CVE-2017-5677. More details can be found in bug #21165.

Thanks to Egidio Romano who reported this issue.

PEAR Community

Need help?

You can find help and support on our mailing lists and IRC channel.

Our developers are also on LinkedIn, OpenHub, Twitter as well as the wiki.