checked patches against php-5.3.3-40.el6_6.src.rpm. these 4 new since
php-5.3.3-38.el6.src.rpm are already applied in pld:
- fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710
- xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668
- core: fix integer overflow in unserialize() CVE-2014-3669
- exif: fix heap corruption issue in exif_thumbnail() CVE-2014-3670