OVAL

SUSE-SU-2017:0568-1 -- SLES apache2-mod_php53, php53

ID: oval:org.secpod.oval:def:89044520
Date: (C)2021-06-30   (M)2024-02-19
Class: PATCH
Family: unix




This update for php53 fixes the following security issues:

- CVE-2016-7478: When unserializing untrusted input data, PHP could end up in an infinite loop, causing denial of service.
- CVE-2016-10158: The exif_convert_any_to_int function in ext/exif/exif.c in PHP allowed remote attackers to cause a denial of service via crafted EXIF data that triggers an attempt to divide the minimum representable negative integer by -1.
- CVE-2016-10159: Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP allowed remote attackers to cause a denial of service via a truncated manifest entry in a PHAR archive.
- CVE-2016-10160: Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP allowed remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch.
- CVE-2016-10161: The object_common1 function in ext/standard/var_unserializer.c in PHP allowed remote attackers to cause a denial of service via crafted serialized data that is mishandled in a finish_nested_data call.
- CVE-2016-10166: A potential unsigned underflow in gd interpolation functions could lead to memory corruption in the PHP gd module.
- CVE-2016-10167: A denial of service problem in gdImageCreateFromGd2Ctx could lead to php out of memory even on small files.
- CVE-2016-10168: A signed integer overflow in the gd module could lead to memory corruption.

Platform:
SUSE Linux Enterprise Server 11 SP4
Product:
apache2-mod_php53
php53
Reference:
SUSE-SU-2017:0568-1
CVE-2016-10158
CVE-2016-10159
CVE-2016-10160
CVE-2016-10161
CVE-2016-10166
CVE-2016-10167
CVE-2016-10168
CVE-2016-7478

© SecPod Technologies