SL7.5 has a newer version 5.4.16-45.el7 which may have the fixes backported.
Cheers
Bill
-----Original message-----
> From:Jon Brinkmann <brinkm...@nmsu.edu>
> Sent: Saturday 28th April 2018 12:19
> To: scientific-linux-us...@listserv.fnal.gov
> Subject: Multiple Vulnerabilities in PHP Could Allow for Arbitrary Code
> Execution
>
> See
> https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-php-could-allow-for-arbitrary-code-execution_2018-046/
>
> This is the second warning in as many months. The current version of PHP
> distributed with SL 7.4 is "PHP 5.4.16 (cli) (built: Mar 7 2018 12:48:25)"
> which is vulnerable. Are there plans to distribute version 5.6.36 or
> newer anytime soon?
>
> Jon
>
>