PHP contains a use-after-free error in the php_date_timezone_initialize_from_hash() function in ext/date/php_date.c. This may allow a context-dependent attacker to dereference already freed memory and gain access to potentially sensitive information or crash an application linked against PHP.
