OVAL

SUSE-SU-2018:0806-1 -- SLES apache2-mod_php53, php53

ID: oval:org.secpod.oval:def:89043717
Date: (C)2021-03-05   (M)2024-04-17
Class: PATCH
Family: unix




This update for php53 fixes several issues.

These security issues were fixed:
- CVE-2016-10712: In PHP, all of the return values of stream_get_meta_data could be controlled if the input can be controlled.
- CVE-2018-5712: Prevent reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file that allowed for information disclosure.
- CVE-2018-5711: Prevent integer signedness error that could have led to an infinite loop via a crafted GIF file, allowing for DoS.
- CVE-2016-5773: php_zip.c in the zip extension in PHP improperly interacted with the unserialize implementation and garbage collection, which allowed remote attackers to execute arbitrary code or cause a denial of service via crafted serialized data containing a ZipArchive object.
- CVE-2016-5771: spl_array.c in the SPL extension in PHP improperly interacted with the unserialize implementation and garbage collection, which allowed remote attackers to execute arbitrary code or cause a denial of service via crafted serialized data.
- CVE-2018-7584: Fixed stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex

Platform:
SUSE Linux Enterprise Server 11 SP4
Product:
apache2-mod_php53
php53
Reference:
SUSE-SU-2018:0806-1
CVE-2016-10712
CVE-2016-5771
CVE-2016-5773
CVE-2018-5711
CVE-2018-5712
CVE-2018-7584

© SecPod Technologies