The PHP development team would like to announce the immediate availability of PHP 5.2.11. This release focuses on improving the stability of the PHP 5.2.x branch with over 75 bug fixes, some of which are security related. All users of PHP 5.2 are encouraged to upgrade to this release.
Security Enhancements and Fixes in PHP 5.2.11:
Fixed certificate validation inside php_openssl_apply_verification_policy. (Ryan Sleevi, Ilia)
Fixed sanity check for the color index in imagecolortransparent(). (Pierre)
Added missing sanity checks around exif processing. (Ilia)
Fixed bug #44683 (popen crashes when an invalid mode is passed). (Pierre)
Key enhancements in PHP 5.2.11 include:
Fixed regression in cURL extension that prevented flush of data to output defined as a file handle.
A number of fixes for the FILTER_VALIDATE_EMAIL validation rule
Fixed bug #49361 (wordwrap() wraps incorrectly on end of line boundaries).
Fixed bug #48696 (ldap_read() segfaults with invalid parameters)
Fixed bug #48645 (mb_convert_encoding() doesn't understand hexadecimal html-entities).
Fixed bug #48619 (imap_search ALL segfaults).
Fixed bug #48400 (imap crashes when closing stream opened with OP_PROTOTYPE flag).
Fixed bug #47351 (Memory leak in DateTime).
Over 60 other bug fixes are included in this release.
For more information, visit the php.announce page at http://news.php.net/php.announce/78