New version 5.2.7 of PHP has improved stability and security
Version 5.2.7 of PHP, the dynamic web-page programming language, is now freely available to download. The project team has focused this release mainly on stability. The new version contains more than 170 bugfixes, half a dozen of them to eliminate security vulnerabilities. All users of PHP should upgrade to the new version, which is described as the most stable version in the 5.2.x development branch.
Stefan Esser, the well known former member of the PHP Security Response Team, points out in his blog that, although the security vulnerability in ZipArchive::extractTo()
that he reported has been fixed, no mention has been made of it in the change log or in the announcement.
(trk)