A php-pear security update has been released for Fedora 33.

SECURITY: Fedora 33 Update: php-pear-1.10.12-4.fc33

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-f351eb14e3
2020-12-02 10:39:54.177827
--------------------------------------------------------------------------------

Name : php-pear
Product : Fedora 33
Version : 1.10.12
Release : 4.fc33
URL :   http://pear.php.net/package/PEAR
Summary : PHP Extension and Application Repository framework
Description :
PEAR is a framework and distribution system for reusable PHP
components. This package contains the basic PEAR components.

--------------------------------------------------------------------------------
Update Information:

* Fix Bug #27002: Filename manipulation vulnerabilities (CVE-2020-28948 /
CVE-2020-28949) [mrook]
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 23 2020 Remi Collet - 1:1.10.12-4
- update Archive_Tar to 1.4.11
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-f351eb14e3' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys