Here are updated packages in the Yum repository:

• PHP 5.5.12 for RHEL/CentOS 5/6 changelog
• PHP 5.4.28 for RHEL/CentOS 5/6 changelog
• Xdebug 2.2.5 changelog

The PHP releases fix CVE-2014-0185, which was causing PHP-fpm to create a world-writeable unix socket if unix sockets were used and the listen.mode configuration setting not changed. However, this fix, as it reduces the permissions of the unix socket, may cause some server setups that relied on this to fail.

If it's not important that the unix socket is world-writable on the server (any linux user on the box can connect to the fastcgi server, and effectively run custom code as the php-fpm user, which isn't unlike using a loopback TCP port anyway), then you can re-enable this by adding to your php-fpm configuration:

listen.mode=0666

There are other, more secure ways of resolving this, which will prevent the potential security issue, such as changing the 'listen.owner' or 'listen.group' setting, which control the owner/group of the unix socket. For instance, if only Nginx was using php-fpm, you could do the following:

listen.owner = nginx

listen.group = nginx

That way, only nginx can talk to php-fpm.

The following packages are in testing, and available for download in the testing repositories:

• php55w 5.5.12

Assuming you have the Webtatic repositories set up (see Yum Repository), you can update using:

    yum update <package> --enablerepo=webtatic-testing

Here are updated packages in the Yum repository:

• PHP 5.5.11 for RHEL/CentOS 5/6 changelog
• PHP 5.4.27 for RHEL/CentOS 5/6 changelog
• MySQL 5.5.37 for CentOS 5/6 changelog

The following packages are in testing, and available for download in the testing repositories:

• php56w 5.6.0beta1
• nginx14 1.4.7

Assuming you have the Webtatic repositories set up (see Yum Repository), you can update using:

    yum update <package> --enablerepo=webtatic-testing

The following packages are in testing, and available for download in the testing repositories:

• php55w 5.5.11
• php54w 5.4.27

Assuming you have the Webtatic repositories set up (see Yum Repository), you can update using:

    yum update <package> --enablerepo=webtatic-testing

The following packages are in testing, and available for download in the testing repositories:

• php56w 5.6.0alpha3

Assuming you have the Webtatic repositories set up (see Yum Repository), you can update using:

    yum update <package> --enablerepo=webtatic-testing

The following packages are in testing, and available for download in the testing repositories:

• php55w 5.5.10
• php54w 5.4.26

Assuming you have the Webtatic repositories set up (see Yum Repository), you can update using:

    yum update <package> --enablerepo=webtatic-testing

The following packages are in testing, and available for download in the testing repositories:

• php56w 5.6.0alpha2 (RHEL/CentOS 6 only)

Assuming you have the Webtatic repositories set up (see Yum Repository), you can update using:

    yum update <package> --enablerepo=webtatic-testing

Here are updated packages in the Yum repository:

• PHP 5.6.0alpha1 for RHEL/CentOS 6
• PHP 5.5.9 for RHEL/CentOS 5/6 changelog
• Apcu 4.0.3 for PHP 5.5.9 on RHEL/CentOS 5/6
• PHP 5.4.25 for RHEL/CentOS 5/6 changelog
• Apcu 4.0.3 for PHP 5.4.25 on RHEL/CentOS 5/6
• Zend OpCache 7.0.3 for PHP 5.4.25 on RHEL/CentOS 5/6
  

The PHP 5.6.0alpha1 release will stay in el6-testing until it's release date, so it's clear it's not suitable for production use yet.

The other PHP releases are bug-fix releases only, no known security issue fixes included.

The following packages are in testing, and available for download in the testing repositories:

• php56w 5.6.0alpha1 (RHEL/CentOS 6 only)
• php55w 5.5.9
• php55w-pecl-apcu 4.0.3
• php54w 5.4.25
• php54w-pecl-apcu 4.0.3
• php55w-pecl-zendopcache 7.0.3
• mysql55w 5.5.36
• mysql51w 5.1.73 (RHEL/CentOS 5 only)

Assuming you have the Webtatic repositories set up (see Yum Repository), you can update using:

    yum update <package> --enablerepo=webtatic-testing