Information about PHP support and security patches for end-of-life versions

Solution Verified - Updated -


  • As per this webpage, PHP 5.4 already reaches its end-of-life and The default PHP version in RHEL7 is 5.4.
    • How does Red Hat backport for a version that upstream has already stopped releasing security patches for and where does Red Hat get the fixes from ?
    • Is it safe for customers to continue to use the default PHP v5.4 for the whole supported life cycle of RHEL7 into the future ?
    • And, for example, rh-php56 is the version provided by RHSCL, and upstream PHP v5.6 will be obsolete in a year's time. What will happen to the support for rh-php56 then ? When will it be removed from RHSCL, i.e. end of support ?


  • Red Hat Enterprise Linux
    • 7.x
  • Red Hat Software Collections
    • 3.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content