- fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710

- spl: fix use-after-free in ArrayIterator due to object
  change during sorting. CVE-2014-4698
- spl: fix use-after-free in SPL Iterators. CVE-2014-4670
- gd: fix NULL pointer dereference in gdImageCreateFromXpm.
  CVE-2014-2497
- fileinfo: fix incomplete fix for CVE-2012-1571 in
  cdf_read_property_info. CVE-2014-3587
- core: fix incomplete fix for CVE-2014-4049 DNS TXT
  record parsing. CVE-2014-3597

- core: type confusion issue in phpinfo(). CVE-2014-4721
- date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712
- core: fix heap-based buffer overflow in DNS TXT record parsing.
  CVE-2014-4049
- core: unserialize() SPL ArrayObject / SPLObjectStorage type
  confusion flaw. CVE-2014-3515
- fileinfo: out-of-bounds memory access in fileinfo. CVE-2014-2270
- fileinfo: unrestricted recursion in handling of indirect type
  rules. CVE-2014-1943
- fileinfo: out of bounds read in CDF parser. CVE-2012-1571
- fileinfo: cdf_check_stream_offset boundary check. CVE-2014-3479
- fileinfo: cdf_count_chain insufficient boundary check. CVE-2014-3480
- fileinfo: cdf_unpack_summary_info() excessive looping
  DoS. CVE-2014-0237
- fileinfo: CDF property info parsing nelements infinite
  loop. CVE-2014-0238

- add security fix for CVE-2013-6420

- add security fix for CVE-2013-4248

- add security fix for CVE-2013-4113

- add security fix for CVE-2010-2950

- correct detection of = in CVE-2012-1823 fix (#818607)

- add security fix for CVE-2012-0830 (#786758)

- add security fix for CVE-2012-0830 (#786757)

- remove extra php.ini-prod/devel files caused by %patch -b

- improve CVE-2011-1466 fix to cover CAL_GREGORIAN, CAL_JEWISH

- add security fixes for CVE-2010-3710, CVE-2010-4156, 
  CVE-2010-4645 (#670463)

- update to 5.3.3 (#658315)