On Wed, Jan 23, 2019 at 10:16 PM ProgAndy <ad...@progandy.de> wrote: > Please read the note in the aur comments. > > https://aur.archlinux.org/packages/php-pear/ > Pierre commented on 2019-01-20 08:55 > > > Warning: The change in checksum was due to a security breach > at > PEAR. The PEAR installer was tainted: > > https://mobile.twitter.com/pear/status/1086634503731404800 > > > > You were affected if you installed php-pear 1:1.10.7-2
I admit the wording of my post can do with improving. My intention was trying to convey to the arch-general community that php-pear was compromised and unless people keep up with the tech news, they will not be going to the AUR website to check on their packages so they would not know what happened.
