Several new versions of PHP have been released, all of which contain a number of bug fixes. The most serious risk is posed by adversaries with passive monitoring capabilities like the NSA, intelligence agencies, or other capable attackers who may have a foothold on your network. The PHP Group fixed this vulnerability in versions 5.6.11, 5.5.27, and 5.4.43. In addition to those releases, the group also released the beta of version 7.0.0. Users should not deploy this version on production systems and should use it only on test systems.
Source: https://threatpost.com/new-php-releases-fix-bacronym-mysql-flaw/113740/