As per this new Secunia advisory, the Mandriva group has officially released updates to their PHP packages:
Mandriva has issued an update for php. This fixes some vulnerabilities, where some have unknown impacts and others can be exploited by malicious, local users to bypass certain security restrictions, malicious users to bypass certain security restrictions, gain escalated privileges, disclose potentially sensitive information, or cause a DoS (Denial of Service), and by malicious people to bypass certain security restrictions and cause a DoS.
The original advisory has more detailed information (like what the patch fixes) and the checksums for all of the packages to update. Update your installation quickly and easily with the MandrivaUpdate system.