(RHSA-2014:1825) Critical: php security update

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Server.

A stack-based buffer overflow flaw was found in the way the xmlrpc
extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC
request or response could possibly cause a PHP application to crash or
execute arbitrary code with the privileges of the user running that PHP
application. (CVE-2014-8626)

All php users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
updated packages, the httpd daemon must be restarted for the update to
take effect.