SUSE-SU-2015:1633-1
Sep 25, 2015 - 3:09 p.m.

Security update for php5 (important)

2015-09-25 15:09:56
lists.opensuse.org

EPSS: 0.198 (Low), percentile 95.8%

This update of PHP5 brings several security fixes.

Security fixes:

  • CVE-2015-6831: A use-after-free vulnerability in unserialize() was
    fixed; it could be used to crash PHP or potentially execute code.
    [bnc#942291] [bnc#942294] [bnc#942295]
  • CVE-2015-6832: A dangling pointer in the unserialization of ArrayObject
    items could be used to crash PHP or potentially execute code.
    [bnc#942293]
  • CVE-2015-6833: A directory traversal when extracting ZIP files could be
    used to overwrite files outside of the intended area. [bnc#942296]
  • CVE-2015-6834: A use-after-free vulnerability in unserialize() was
    fixed; it could be used to crash PHP or potentially execute code.
    [bnc#945403]
  • CVE-2015-6835: A use-after-free vulnerability in session unserialize()
    was fixed; it could be used to crash PHP or potentially execute
    code. [bnc#945402]
  • CVE-2015-6836: A type confusion in SOAP serialize_function_call() that
    could lead to remote code execution was fixed. [bnc#945428]
  • CVE-2015-6837, CVE-2015-6838: Two NULL pointer dereferences in the
    XSLTProcessor class were fixed. [bnc#945412]

Bugfixes:

  • Compare with SQL_NULL_DATA correctly [bnc#935074]
  • If MD5 is disabled in net-snmp, the MD5 function used in
    ext/snmp/snmp.c has to be disabled as well. (bsc#944302)

The Suhosin framework was also updated to 0.9.38. [fate#319325]