The PHP development team would like to announce the immediate availability of PHP 5.4.3 and PHP 5.3.13. All users are encouraged to upgrade to PHP 5.4.3 or PHP 5.3.13The releases complete a fix for a vulnerability in CGI-based setups (CVE-2012-2311). Note: mod_php and php-fpm are not vulnerable to this attack.PHP 5.4.3 fixes a buffer overflow vulnerability in the apache_request_headers() (CVE-2012-2329). The PHP 5.3 series is not vulnerable to this issue.For source downloads of PHP 5.4.3 and PHP 5.3.13 please visit our downloads page, Windows binaries can be found on windows.php.net/download/. The list of changes are recorded in the ChangeLog.

PHP.NET

The PHP development team announces the immediate availability of PHP 5.3.11 and PHP 5.4.1. These releases focuses on improving the stability of the current PHP branches with over 60 bug fixes, some of which are security related.Security Enhancements for both PHP 5.3.11 and PHP 5.4.1:Fixed bug #54374 (Insufficient validating of upload name leading to corrupted $_FILES indices). (CVE-2012-1172).Add open_basedir checks to readline_write_history and readline_read_history.Security Enhancement affecting PHP 5.3.11 only:Fixed bug #61043 (Regression in magic_quotes_gpc fix for CVE-2012-0831).Key enhancements in these releases include:Added debug info handler to DOM objects.Fixed bug #61172 (Add Apache 2.4 support).For a full list of changes in PHP 5.3.11 and PHP 5.4.1, see the ChangeLog. For source downloads please visit our downloads page, Windows binaries can be found on windows.php.net/download/.All users of PHP are strongly encouraged to upgrade to PHP 5.3.11 or PHP 5.4.1.

PHP.NET

The PHP development team would like to announce the 2nd release candidate of PHP 5.4.1. Windows binaries can be downloaded from the Windows QA site. THIS IS A RELEASE CANDIDATE - DO NOT USE IT IN PRODUCTION! This is the 2nd release candidate. The release candidate phase is intended as a period of bug fixing prior to the stable release. The release candidate fixes a critical issue when using the internal classes in multiple threads. A complete list of changes since the last release candidate can be found in the NEWS file. Please help us to identify bugs in order to ensure that the release is solid and all things behave as expected by taking the time to test this release candidate against your code base and reporting any problems that you encounter to the QA mailing list and/or the PHP bug tracker. PHP 5.4.1 final will be released on April 26.

PHP.NET

The migration of the PHP source code from Subversion to Git is complete. You can clone or fork the source from our GitHub mirror, and we also now support pull requests made via GitHub. The source is also available via git.php.net, and full instructions on cloning the php-src tree can be found at php.net/git. One immediate benefit is that future PHP release tags will be signed by the PHP development team. We will be releasing GPG keys for verification purposes in the next few days. More information on the migration and the new workflow can be found at the Moving to Git FAQ on the PHP Wiki. Please note that the PHP manual, including translations, continues to be hosted in Subversion for the time being and will be migrated to Git at a later date. Many thanks to David Soria Parra for his hard work on making the conversion to Git a reality, and to Alexander Moskaliov, Florian Anderiasch and Johannes Schlüter for their work on the scripts required to support the conversion. Let the forking begin!

PHP.NET

The PHP development team is proud to announce the immediate availability of PHP 5.4.0. This release is a major leap forward in the 5.x series, which includes a large number of new features and bug fixes. Some of the key new features include: traits, a shortened array syntax, a built-in webserver for testing purposes and more. PHP 5.4.0 significantly improves performance, memory footprint and fixes over 100 bugs. For users upgrading from PHP 5.3 there is a migration guide available here, detailing the changes between those releases and PHP 5.4.0. Further details about the PHP 5.4.0 release can be found in the release announcement, and the full list of changes are available in the ChangeLog. Please note that it may take a while until the release is available on all mirrors.

PHP.NET