PHP 5.3.5 and 5.2.17 Released!
syndicated from www.php.net
on January 6, 2011
The PHP development team would like to announce the immediate
availability of PHP 5.3.5 and 5.2.17.
This release resolves a critical issue, reported as PHP bug #53632 and
CVE-2010-4645, where conversions from string to double might cause the PHP
interpreter to hang on systems using x87 FPU registers.
The problem is known to only affect x86 32-bit PHP processes, regardless
of whether the system hosting PHP is 32-bit or 64-bit. You can test
whether your system is affected by running this script
from the command line.
All users of PHP are strongly advised to update to these versions
immediately.