PHP5 was updated with incremental fixes to the previous
update.
- CVE-2012-2335: Additional unsafe cgi wrapper scripts
are also fixed now.
- CVE-2012-2336: Even more commandline option handling
is filtered, which could lead to crashes of the php
interpreter.
- CVE-2012-2386: heap based buffer overflow in php’s
phar extension
- CVE-2012-2143: The crypt() implementation ignored
wide characters, leading to shorter effective password
lengths. Note: With this update applied affected passwords
will no longer work and need to be set again.