The php-pear package contains the PHP Extension and Application Repository , a framework and distribution system for reusable PHP components. Security Fix: * Archive_Tar: allows an unserialization attack because phar: is blocked but PHAR: is not blocked * Archive_Tar: improper filename sanitization leads to file overwrites * Archive_Tar: directory traversal due to inadequate checking of symbolic links For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.