PHP version 5.6.40.17.
Backported CVE fixes
- Core:
- Fixed bug #81726: phar wrapper: DOS when using quine gzip file (CVE-2022-31628).
- Fixed bug #81727: Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning (CVE-2022-31629).