From ${URL} : It was found [1] that there's an issue in php which in some cases may lead to remote code execution. [1]: https://bugs.php.net/bug.php?id=68088 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
As per upstream this is fixed in: 5.6.0 https://bugs.php.net/bug.php?id=68088 Maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
As I understand it, it seems like only php 5.6.0 was affected, but the 5.6 slot has no stable version. As no stable version was affected, there is no need for stabilisation. Affected version removed from the tree.