Topic: backdored PEAR package
Hello!
recently i read about backdoor in PEAR php
https://twitter.com/pear/status/1086634503731404800
"If you have downloaded this go-pear.phar in the past six months, you should get a new copy of the same release version from "
i found,what some remi packages was builded at Thu 23 Aug 2018 07:36:31 AM MSK
for example:
php70-php-pear-1.10.6-1.el7.remi
and php-pear-1.10.6-1.el7.remi
Can you help and explain from which sources and how this two packages was builded?
i fear that sources have been downloaded from infected PEAR site
thank you