Gentoo Linux Security Advisory 201611-22 - Multiple vulnerabilities have been found in PHP, the worst of which could lead to arbitrary code execution or cause a Denial of Service condition. Versions less than 5.6.28 are affected.
52e724112af437f442f0e544ef13d31b93ca4b1cc384b4d064b812122fe84921
Ubuntu Security Notice 3095-1 - Taoguang Chen discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Taoguang Chen discovered that PHP incorrectly handled invalid session names. A remote attacker could use this issue to inject arbitrary session data. Various other issues were also addressed.
5aec96083f99da181560a00863dcd9ce51c64d925bc8cd911930c3d8b4c4d77e
Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
6d370eaf47671123ec53c8c465bf85d2e6c0eedc97b5cd8b7ba8dc522ab16261