Latest Updates, PHP 5.3.28 updated with CVE-2014-0185 fix

Here are updated packages in the Yum repository:

As with the previous post, this PHP 5.3.28 release fixes CVE-2014-0185, which was causing PHP-fpm to create a world-writeable unix socket if unix sockets were used and the listen.mode configuration setting not changed. However, this fix, as it reduces the permissions of the unix socket, may cause some server setups that relied on this to fail. See the previous post for more information. hasn't yet released a security fix themselves for PHP 5.3.