"A critical DoS flaw in PHP that was first reported on December 30, 2010 has now been publicly fixed for all PHP users in the open source PHP 5.3.5 and 5.2.17 releases."
http://blog.internetnews.com/skerner/2011/01/php-535-and-5217-out-for-criti.html