November 2022PHP version 5.6.40.17.Backported CVE fixesCore: Fixed bug #81726: phar wrapper: DOS when using quine gzip file (CVE-2022-31628).Fixed bug #81727: Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning (CVE-2022-31629).
