If you use the popular PEAR PHP extension or have within the last 6 months, there is a possibility that a backdoor could have been introduced depending on how you installed the extension.
"... this does *not* affect the PEAR installer package itself... it affects the go-pear.phar executable that you would use to initially install the PEAR installer. Using the `pear` command to install various PEAR package is *not* affected."
There is still a lot of questions and PEAR PHP are in the process of investigating the full extent of what happened. Please check the references below for the latest updates.
Reference(s):
------------
https://twitter.com/pear
http://blog.pear.php.net/
https://arstechnica.com/information-technology/2019/01/pear-php-site-breach-lets-hackers-slip-malware-into-official-download/
About Us:
--------
RACK911 Labs (HostingSecList) has quickly risen to the top as one of the most respected security firms in the hosting industry. We have already been responsible for finding over 400 new security vulnerabilities in software used by millions and we are on a mission to help secure the internet.
https://www.RACK911Labs.com
RACK911 Labs
1110 Palms Airport Drive, Suite 110
Las Vegas, NV 89119
1-855-RACK911
============================================================
UNSUBSCRIBE:
https://hostingseclist.us3.list-manage.com/unsubscribe?u=722bc323a024d15a407baae81&id=3d82a776ec&t=b&e=[UNIQID]&c=1f9de12164
FORWARD EMAIL:
https://us3.forward-to-friend.com/forward?u=722bc323a024d15a407baae81&id=1f9de12164&e=[UNIQID]
UPDATE PROFILE:
https://hostingseclist.us3.list-manage.com/profile?u=722bc323a024d15a407baae81&id=3d82a776ec&e=[UNIQID]&c=1f9de12164