Upgrading PHP 5.6.2, 5.5.18 and 5.4.34 with the elimination of vulnerabilities

---

The PHP developers have eliminated four vulnerabilities in their products

The update fixed a vulnerability that could lead to an integer overflow.

PHP developers have released a patches 5.6.2, 5.5.18 and 5.4.34 for your scripting language that eliminates four vulnerabilities, including CVE-2014-1668, CVE-2014-3669 and CVE-2014-3670.

All holes were discovered in September of this year. The most dangerous of the patched vulnerabilities is CVE-2014-3669.  It can cause an integer overflow when parsing specially designed serialize data using the unserialize () function. (more…)