- CVE-2014-3668
Fix bug #68027 - fix date parsing in XMLRPC lib
- CVE-2014-3669
Fix bug #68044: Integer overflow in unserialize() (32-bits only)
- CVE-2014-3670
Fix bug #68113 (Heap corruption in exif_thumbnail())
- CVE-2014-3710
Fix bug #68283: fileinfo: out-of-bounds read in elf note headers
Additional bugfix
Fix null byte handling in LDAP bindings in ldap-fix.patch
For Debian 6 Squeeze, these issues have been fixed in php5 version 5.3.3-7+squeeze23