php 5.5.36 和 5.6.22 发布了。
php 5.5.36 更新内容： core:
fixed bug #72114 (integer underflow / arbitrary null write in fread/gzread). (cve-2016-5096)
fixed bug #72135 (integer overflow in php_html_entities). (cve-2016-5094)
gd:
fixed bug #72227 (imagescale out-of-bounds read). (cve-2013-7456)
intl:
fixed bug #72241 (get_icu_value_internal out-of-bounds read). (cve-2016-5093)
phar:
fixed bug #71331 (uninitialized pointer in phar_make_dirstream()). (cve-2016-4343)
详情页面： changelog
windows source 和 binaries ：  windows.php.net/download/
下载地址：   downloads page
php 5.6.22 更新内容： core:
fixed bug #72172 (zend_hex_strtod should not use strlen).
fixed bug #72114 (integer underflow / arbitrary null write in fread/gzread). (cve-2016-5096)
fixed bug #72135 (integer overflow in php_html_entities). (cve-2016-5094)
gd:
fixed bug #72227 (imagescale out-of-bounds read). (cve-2013-7456)
intl:
fixed bug #64524 (add intl.use_exceptions to php.ini-*).
fixed bug #72241 (get_icu_value_internal out-of-bounds read). (cve-2016-5093)
postgres:
fixed bug #72151 (mysqli_fetch_object changed behaviour).
详情页面： changelog
windows source 和 binaries  ：  windows.php.net/download/
下载地址：   downloads page