Red Hat Security Advisory 2018-1296-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php70-php. Issues addressed include buffer overflow, cross site scripting, denial of service, heap overflow, remote file inclusion, and use-after-free vulnerabilities.
7d3b1f62dd47f6ccce2cd1aa1495159b5a0ec53d7009c7657d7a8518e489c754
Apple Security Advisory 2016-12-13-1 - macOS 10.12.2 is now available and addresses arbitrary code execution, denial of service, and various other vulnerabilities.
68bf50743be919151d9547b2351d633298a9bfe57d7160fac7541f89315f5b98
Ubuntu Security Notice 3095-1 - Taoguang Chen discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Taoguang Chen discovered that PHP incorrectly handled invalid session names. A remote attacker could use this issue to inject arbitrary session data. Various other issues were also addressed.
5aec96083f99da181560a00863dcd9ce51c64d925bc8cd911930c3d8b4c4d77e
Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
d1146059acae606dba55155e175af3612b0879fd85deb29bc4ed78ae42d5428e