See https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-php-could-allow-for-arbitrary-code-execution_2018-046/ This is the second warning in as many months. The current version of PHP distributed with SL 7.4 is "PHP 5.4.16 (cli) (built: Mar 7 2018 12:48:25)" which is vulnerable. Are there plans to distribute version 5.6.36 or newer anytime soon? Jon