File _patchinfo of Package patchinfo.25448

<patchinfo incident="25448">
  <issue tracker="cve" id="2021-32610"/>
  <issue tracker="jsc" id="SLE-24728"/>
  <packager>pgajdos</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for php8-pear</summary>
  <description>This update for php8-pear fixes the following issues:

- Add php8-pear to SLE15-SP4 (jsc#SLE-24728)
- Update to 1.10.21
  - PEAR 1.10.13
    * unsupported protocol - use --force to continue
    * Add $this operator to _determineIfPowerpc calls
- Update to 1.10.20
  - Archive_Tar 1.4.14
    * Properly fix symbolic link path traversal (CVE-2021-32610)
  - Archive_Tar 1.4.13
    * Relative symlinks failing (out-of path file extraction)
  - Archive_Tar 1.4.12
  - Archive_Tar 1.4.11
  - Archive_Tar 1.4.10
    * Fix block padding when the file buffer length is a multiple
      of 512 and smaller than Archive_Tar buffer length
    * Don't try to copy username/groupname in chroot jail

- provides and obsoletes php7-pear-Archive_Tar, former location
  of PEAR/Archive/Tar.php

- Update to version 1.10.19
  - PEAR 1.10.12
    * adjust dependencies based on new releases
  - XML_Util 1.4.5
    * fix Trying to access array offset on value of type int

- Update to version 1.10.18
- Remove pear-cacheid-array-check.patch (upstreamed)
- Contents of .filemap are now sorted internally

- Sort contents of .filemap to make build reproducible

- Recommend php7-openssl to allow https sources to be used
- Modify metadata_dir for system configuration only
- Add /var/lib/pear directory where xml files are stored
- Cleanup %files section

- Only use the GPG keys of Chuck Burgess. Extracted from the 
  Release Manager public keys.
- Add release versions of PEAR modules

- Install metadata files (registry, filemap, channels, ...) in
  /var/lib/pear/ instead of /usr/share/php7/PEAR/

- Update to version 1.10.17
</description>
</patchinfo>