- security issues
  . CVE-2018-10545 FPM: Dumpable FPM child processes allow bypassing opcache access controls (#75605)
  . CVE-2018-10546 iconv: stream filter convert.iconv leads to infinite loop on invalid sequence (#76249)
  . CVE-2018-10548 LDAP: Malicious LDAP-Server Response causes Crash (#76248)
  . CVE-2018-10547 Phar: fix for CVE-2018-5712 may not be complete (#76129)

- security issues
  . CVE-2017-7890 Buffer over-read from unitialized data in gdImageCreateFromGifCtx function

- security issues
  . CVE-2017-9224 fixed mbstring Oniguruma
  . CVE-2017-9226 fixed mbstring Oniguruma
  . CVE-2017-9227 fixed mbstring Oniguruma
  . CVE-2017-9228 fixed mbstring Oniguruma
  . CVE-2017-9229 fixed mbstring Oniguruma
- fixed execdir bugs
  . fixed #15 But when using "2>&1" in exec command
  . fixed #16 error "NULL byte detected."

- security issues
  . CVE-2016-9933 GD: imagefilltoborder stackoverflow on truecolor images (#72696)
  . CVE-2016-10161 Standard: Heap out of bounds read on unserialize in finish_nested_data() (#73825)
  . CVE-2016-10159 Phar: Crash while loading hostile phar archive (#73764)
  . CVE-2016-10160 Phar: Memory corruption when loading hostile phar (#73768)
  . CVE-2016-10167 GD: DOS vulnerability in gdImageCreateFromGd2Ctx() (#73868)
  . CVE-2016-10168 GD: Signed Integer Overflow gd_io.c (#73869)
  . CVE-2016-10158 EXIF: FPE when parsing a tag format (#73737)

- security issues
  . nosafe_mode_exec_dir: backtics and $() syntax weakness after semi colon #8
    https://github.com/OOPS-ORG-PHP/mod_execdir/issues/8

- security issues
  . CVE-2016-5399 BZ2: do not treat negative returns from bz2 as size_t (#72613)
  . CVE-2016-5766 GD: Integer Overflow in _gd2GetHeader() resulting in heap overflow (#72339)
  . CVE-2016-5767 GD: Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow (#72446)

- security issues
  . CVE-2016-5385 Core: don't set environmental variable based on user supplied Proxy request header

- fixed zend_mm_heap corrupted problems of exec_dir patch
- security issues
  . CVE-2016-4070 Standard: Integer Overflow in php_raw_url_encode (#71798)
  . CVE-2016-4072 Phar: Invalid memory write in phar on filename with \0 in name (#71860)
  . CVE-2016-4073 Mbstring: AddressSanitizer: negative-size-param (-1) in mbfl_strcut (#71906)
  . CVE-2015-8865 Fileinfo: Buffer over-write in finfo_open with malformed magic file (#71527)
  . CVE-2016-3074 GD: libgd: signedness vulnerability (#71912)
  . fixed bug #72099 XML: xml_parse_into_struct segmentation fault
  . CVE-2016-4343 Phar: Uninitialized pointer in phar_make_dirstream() (#71331)
  . fixed bug #72135 Core: Integer Overflow in php_html_entities
  . fixed bug #72114 Core: Integer underflow / arbitrary null write in fread/gzread
  . CVE-2015-8874 GD: Stack overflow with imagefilltoborder (#66387)
  . CVE-2015-8383, CVE-2015-8386, CVE-2015-8387, CVE-2015-8389,
    CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, CVE-2015-8394
    Upgraded pcrelib to 8.38

- security issues
  . fixed bug #71039 Core: exec functions ignore length but look for NULL termination
  . fixed bug #71323 Core: Output of stream_get_meta_data can be falsified by its input
  . fixed bug #71459 Core: Integer overflow in iptcembed()
  . fixed bug #71354 Phar: Heap corruption in tar/zip/phar parser
  . fixed bug #71391 Phar: NULL Pointer Dereference in phar_tar_setupmetadata()
  . fixed bug #71488 Phar: Stack overflow when decompressing tar archives

- security issues
  . fixed bug #69720 Phar: Null pointer dereference in phar_get_fp_offset()
  . fixed bug #70433 Phar: Uninitialized pointer in phar_make_dirstream when zip entry filename is "/"
  . fixed bug #70728 XMLRPC: Type Confusion Vulnerability in PHP_to_XMLRPC_worker()
  . fixed bug #70755 FPM: fpm_log.c memory leak and buffer overflow
  . fixed bug #70661 WDDX: Use After Free Vulnerability in WDDX Packet Deserialization
  . Fixed bug #70741 WDDX: Session WDDX Packet Deserialization Type Confusion Vulnerability

- security issues
  . CVE-2015-6834 core: Use After Free Vulnerability in unserialize() (#70172, #70365)
  . CVE-2015-6835 core: Use after free vulnerability in session deserializer (#70219)
  . CVE-2015-6836 soap: serialize_function_call() type confusion / RCE (#70388)
  . CVE-2015-6837 xslt: NULL pointer dereference (#69782)
  . CVE-2015-6838 xslt: NULL pointer dereference (#69782)
  . #70385 exif: Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes
  . #70312 hash: HAVAL gives wrong hashes in specific cases
  . #70345 pcre: Multiple vulnerabilities related to PCRE functions
  . #70350 zip:  ZipArchive::extractTo allows for directory traversal when creating directories

- fixed php-pgsql obsolete

- security issues
  . CVE-2014-9425
  . CVE-2014-9709
  . CVE-2014-9705
  . CVE-2015-2301
  . CVE-2015-2783
  . CVE-2015-3329
  . CVE-2015-4021
  . CVE-2015-4022
  . CVE-2015-4024
  . CVE-2015-4026

- official bug fix
  . #69353 Missing null byte checks for paths in various PHP extensions
  . #69152 Type Confusion Infoleak Vulnerability in unserialize() with SoapFault

- security issues
  . CVE-2015-2331 ZIP: Integer Overflow leads to writing past heap boundary (#69253)
  . CVE-2015-2305 Ereg: heap overflow vulnerability in regcomp.c (#69248)
  . CVE-2015-2787 Core: Use After Free Vulnerability in unserialize() (#68976)
  . CVE-2015-1352 pgsql: Null pointer deference (#68741)

- security issues
  . CVE-2015-0273 Use after free vulnerability in unserialize() (#68594)

- security issues
  . CVE-2014-8142 Use after free vulnerability in unserialize() (#68594)
  . CVE-2015-0232 Free called on unitialized pointer (#68799)
  . CVE-2015-0231 Use After Free Vulnerability in PHP's unserialize() (#68710)
  . CVE-2015-0235 Mitigation for glibc gethostbyname buffer overflow (#68925)

- security issues
  . CVE-2014-3668 (#68027) Global buffer overflow in mkgmtime() function
  . CVE-2014-3670 (#68113) Heap corruption in exif_thumbnail()
  . CVE-2014-3669 (#68044) Integer overflow in unserialize() (32-bits only)
  . CVE-2014-3710 (#68283) fileinfo: out-of-bounds read in elf note headers

- security issues
  . CVE-2014-3597 (#67717) segfault in dns_get_record
  . CVE-2014-5120 (#b67730) Null byte injection possible with imagexxx functions
  . CVE-2014-2497 (#66901) php-gd 'c_color' NULL pointer dereference
  . CVE-2014-3587 (#67716) Segfault in cdf.c

- Official bug fix
  . #66127 Segmentation fault with ArrayObject unset
  . #67247 spl_fixedarray_resize integer overflow
  . #67249 printf out-of-bounds read
  . #67250 iptcparse out-of-bounds read
  . #67252 convert_uudecode out-of-bounds read
  . #67359 Segfault in recursiveDirectoryIterator
  . #67390 insecure temporary file use in the configure script (CVE-2014-3981)
  . #67399 putenv with empty variable may lead to crash
  . #67492 unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion (CVE-2014-3515)
  . #67498 phpinfo() Type Confusion Information Leak Vulnerability
  . #67251 date_parse_from_format out-of-bounds read
  . #67253 timelib_meridian_with_check out-of-bounds read
  . #66307 Fileinfo crashes with powerpoint files
  . #67326 fileinfo: cdf_read_short_sector insufficient boundary check (CVE-2014-0207)
  . #67327 fileinfo: CDF infinite loop in nelements DoS (CVE-2014-0238)
  . #67328 fileinfo: numerous file_printf calls resulting in performance degradation (CVE-2014-0237)
  . #67410 fileinfo: mconvert incorrect handling of truncated pascal string size.
  . #67411 fileinfo: cdf_check_stream_offset insufficient boundary check.
  . #67412 fileinfo: cdf_count_chain insufficient boundary check.
  . #67413 fileinfo: cdf_read_property_info insufficient boundary check.
  . #67349 Locale::parseLocale Double Free
  . #67397 Buffer overflow in locale_get_display_name and uloc_getDisplayName (libicu 4.8.1)
  . #67432 Fix potential segfault in dns_check_record()). (CVE-2014-4049)
  . Fix missing type checks in various functions

- security issues
  . CVE-2014-3981
  . CVE-2014-3515
  . CVE-2014-0207
  . CVE-2014-0238
  . CVE-2014-0237
  . CVE-2014-4049

- security issues
  . CVE-2013-7345 #66946 extensive backtracking in awk rule regular expression

- security issue
  . CVE-2014-2270 #66820 out-of-bounds memory access in fileinfo
  . CVE-2014-1943 #66731 file: infinite recursion

- Official bug fix
  . #66501 Add EC key support to php_openssl_is_private_key
  . #60602 proc_open() changes environment array
  . #66535 Don't add newline after X-PHP-Originating-Script
  . #66762i Segfault in mysqli_stmt::bind_result() when link closed

- fixed segfault in mysqlnd when doing long prepare from patch of 5.3.7
  news #72595 (http://news.php.net/php.cvs/72595)
  http://git.php.net/?p=php-src.git;a=commitdiff;h=9fc38183b707341b6eddb8c196d0ea2b7c13d6a9

- update 5.3.28

- security issue
  . CVE-2013-6420 Fixed memory corruption in openssl_x509_parse()

- Official bug fix
  . #62672 Error on serialize of ArrayObject
  . #60560 SplFixedArray un-/serialize, getSize(), count() return 0,
           keys are strings
  . #65328 Segfault when getting SplStack object Value
  . #64802 openssl_x509_parse fails to parse subject properly in some cases
  . #50308 session id not appended properly for empty anchor tags
  . #65564 stack-buffer-overflow in DateTimeZone stuff caught
  . #65554 createFromFormat broken when weekday name is followed
  . #65458 curl memory leak
  . #60598 cli/apache sapi segfault on objects manipulation
  . #61759 class_alias() should accept classes with leading backslashes
  . #62396 'make test' crashes starting with 5.3.14 (missing gzencode())
  . #61548 content-type must appear at the end of headers for 201 Location
           to work in htt
  . #64441 FILTER_VALIDATE_URL rejects fully qualified domain names
  . #65708 dba functions cast $key param to string in-place, bypassing copy
           on write
  . #64157 DateTime::createFromFormat() reports confusing error message
  . #51936 Crash with clone XMLReader
  . #64230 XMLReader does not suppress errors
  . #64760 var_export() does not use full precision for floating-point numbers
  . #66033 Segmentation Fault when constructor of PDO statement throws an exception
  . #65946 sql_parser permanently converts values bound to strings on PDO
  . #66124 mysqli under mysqlnd loses precision when bind_param with 'i'
  . #66141 mysqlnd quote function is wrong with NO_BACKSLASH_ESCAPES after
           failed query
  . #66043 Segfault calling bind_param() on mysqli
  . #64874 json_decode handles whitespace and case-sensitivity incorrectly
  . #66094 unregister_tick_function tries to cast a Closure to a string
  . #66321 ZipArchive::open() ze_obj->filename_len not real
  . #66229 128.0.0.0/16 isn't reserved any longer
  . #65873 Integer overflow in exif_read_data()
  . #65196 Passing DOMDocumentFragment to DOMDocument::saveHTML() Produces
           invalid Markup
  . #63391 Incorrect/inconsistent day of week prior to the year 1600
  . #61599 Wrong Day of Week
  . #66060 Heap buffer over-read in DateInterval
  . #61645 fopen and O_NONBLOCK

- security issues
  . CVE-2013-4073 Fixed handling null bytes in subjectAltName

- update 5.3.27

- security issues
  . #65236 heap corruption in xml parser

- update 5.3.26
- update pecl libevent extension 0.1.0
- update pecl ncurses extension 1.0.2

- Official bug fix
  . #53437 Crash when using unserialized DatePeriod instance
  . #64949 Buffer overflow in _pdo_pgsql_error.
  . #64609 pg_convert enum type support.
  . #64960 Segfault in gc_zval_possible_root.
  . #64934 Apache2 TS crash with get_browser()
  . #64966 segfault in zend_do_fcall_common_helper_SPEC
  . #64997 Segfault while using RecursiveIteratorIterator on 64-bits systems

- security issues
  . CVE 2013-2110 Heap based buffer overflow in quoted_printable_encode (#64879)

- add ldap pagenation patch from PHP 5.4
- build fpm sapi