Debian Security Advisory DSA 3126-1 (php5 - security update)

Summary
It was discovered that libmagic as used by PHP, would trigger an out of bounds memory access when trying to identify a crafted file. Additionally, this updates fixes a potential dependency loop in dpkg trigger handling.
Solution
For the stable distribution (wheezy), this problem has been fixed in version 5.4.36-0+deb7u3. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your php5 packages.
Insight
This package is a metapackage that, when installed, guarantees that you have at least one of the four server-side versions of the PHP5 interpreter installed. Removing this package won't remove PHP5 from your system, however it may remove other packages that depend on this one.
Affected
php5 on Debian Linux
Detection
This check tests the installed software version using the apt package manager.
References