This update for php5 fixes the following security issues:
- CVE-2016-7411: php5: Memory corruption when destructing deserialized
object
- CVE-2016-7412: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG
in BIT field
- CVE-2016-7413: Use after free in wddx_deserialize
- CVE-2016-7414: Out of bounds heap read when verifying signature of zip
phar in phar_parse_zipfile
- CVE-2016-7416: Stack based buffer overflow in msgfmt_format_message
- CVE-2016-7417: Missing type check when unserializing SplArray
- CVE-2016-7418: Null pointer dereference in php_wddx_push_element
This update was imported from the SUSE:SLE-12:Update update project.