PHP5 has been updated to fix four security vulnerabilities:
* Heap-based buffer overflow in DNS TXT record parsing (CVE-2014-4049)
* NULL pointer dereference in GD XPM decoder (CVE-2014-2497)
* Memory corrpution in openssl_parse_x509 (CVE-2013-6420)
* Attackers can perform man-in-the-middle attacks by specially
crafting certificates (CVE-2013-4248)
Security Issues:
* CVE-2014-4049
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049</a>>
* CVE-2014-2497
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497</a>>
* CVE-2013-6420
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420</a>>
* CVE-2013-4248
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4248">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4248</a>>