Here are updated packages in the Yum repository:
- PHP 5.6.6 for RHEL/CentOS 6/7 changelog
- PHP 5.5.22 for RHEL/CentOS 5/6/7 changelog
- PHP 5.4.38 for RHEL/CentOS 5/6/7 changelog
The PHP 5.6.6, 5.5.22 and 5.4.38 releases fixes 1 CVE (along with other bug fixes):
PHP.net also mentions it addresses CVE-2015-0235, however this was just mitigating PHP issues when the glibc security issue is present. Fixing the glibc issue by upgrading the glibc packages is by far more important, as it affects more than just PHP. Glibc is dynamically linked, so PHP didn’t need to be rebuilt to fix the issue.