This update for php53 fixes the following security issues: - CVE-2016-4073: A remote attacker could have caused denial of service, or possibly execute arbitrary code, due to incorrect handling of string length calculations in mb_strcut - CVE-2015-8867: The PHP function openssl_random_pseudo_bytes did not return cryptographically secure random bytes - CVE-2016-4070: The libxml_disable_entity_loader setting was shared between threads, which could have resulted in XML external entity injection and entity expansion issues - CVE-2015-8866: A remote attacker could have caused denial of service due to incorrect handling of large strings in php_raw_url_encode