Hello!
The PHP Development Team announces the immediate availability of PHP
5.4.3 and PHP 5.3.13. The releases fix security related issues in a
previous attempt to fix a CGI vulnerability (CVE-2012-2311).
PHP 5.4.3 also contains a fix for a buffer overflow vulnernability in
apache_request_headers (CVE-2012-2329). The PHP 5.3 series is not
affected.
All users are adviced to update to PHP 5.3.13 or PHP 5.4.3!
PHP 5.4.3:
Release Announcement: http://www.php.net/releases/5_4_3.php
Downloads: http://php.net/downloads.php#v5.4.3
ChangeLog: http://www.php.net/ChangeLog-5.php#5.4.3
PHP 5.3.13:
Release Announcement: http://www.php.net/releases/5_3_13.php
Downloads: http://php.net/downloads.php#v5.3.13
ChangeLog: http://www.php.net/ChangeLog-5.php#5.3.13
regards,
Johannes, Stas and David