This is a discussion on PHP 5.2.2 Release Announcement within the PHP Programming forums, part of the Web Development category.
Hi guys,

PHP team announces its next release with some extra features. This release continues to improve the security and the stability of the 5.X branch and all users are strongly encouraged to upgrade to it as soon as possible.

And Fixes in

* Fixed CVE-2007-1001, GD wbmp used with invalid image size
* Fixed a header injection via Subject and To parameters to the mail() function
* Fixed asciiz byte truncation inside mail()
* Fixed wrong length calculation in unserialize S type
* Fixed a bug in mb_parse_str() that can be used to activate register_globals
* Fixed unallocated memory access/double free in array_user_key_compare()
* Fixed a double free inside session_regenerate_id()
* Added missing open_basedir & safe_mode checks to zip:// and bzip:// wrappers.
* Fixed substr_compare and substr_count information leak
* Limit nesting level of input variables with max_input_nesting_level
* Fixed CRLF injection inside ftp_putcmd().
* Fixed a possible super-global overwrite inside import_request_variables().
* Fixed a remotely trigger-able buffer overflow inside make_http_soap_request().
* Fixed a buffer overflow inside user_filter_factory_create().
* Fixed a remotely trigger-able buffer overflow inside bundled libxmlrpc library.

The key improvements of PHP 5.2.2 include:

* Further improvements to the Memory Manager with the goal of improving realloc() performance.
* Bundled GD, SQLite and PCRE libraries were upgraded.
* Additional methods were added to SPL's DirectoryIterator and SplFileInfo classes.
* Over 120 bug fixes.

For further information look on PHP: PHP 5.2.2 Release Announcement

__________________
With,
J. Jeyaseelan
Everything Possible

The PHP development team would like to announce the immediate availability of PHP 5.2.4. This release focuses on improving the stability of the PHP 5.2.X branch with over 120 various bug fixes in addition to resolving several low priority security bugs. All users of PHP are encouraged to upgrade to this release.

Security Enhancements and Fixes in PHP 5.2.4:

* Fixed a floating point exception inside wordwrap() (Reported by Mattias Bengtsson)
* Fixed several integer overflows inside the GD extension (Reported by Mattias Bengtsson)
* Fixed size calculation in chunk_split() (Reported by Gerhard Wagner)
* Fixed integer overflow in str[c]spn(). (Reported by Mattias Bengtsson)
* Fixed money_format() not to accept multiple %i or %n tokens. (Reported by Stanislav Malyshev)
* Fixed zend_alter_ini_entry() memory_limit interruption vulnerability. (Reported by Stefan Esser)
* Fixed INFILE LOCAL option handling with MySQL extensions not to be allowed when open_basedir or safe_mode is active. (Reported by Mattias Bengtsson)
* Fixed session.save_path and error_log values to be checked against open_basedir and safe_mode (CVE-2007-3378) (Reported by Maksymilian Arciemowicz)
* Fixed a possible invalid read in glob() win32 implementation (CVE-2007-3806) (Reported by shinnai)
* Fixed a possible buffer overflow in php_openssl_make_REQ (Reported by zatanzlatan at hotbrev dot com)
* Fixed an open_basedir bypass inside glob() function (Reported by dr at peytz dot dk)
* Fixed a possible open_basedir bypass inside session extension when the session file is a symlink (Reported by c dot i dot morris at durham dot ac dot uk)
* Improved fix for MOPB-03-2007.
* Corrected fix for CVE-2007-2872.

Key enhancements in PHP 5.2.4 include:

* Upgraded PCRE to version 7.2
* Added persistent connection status checker to pdo_pgsql.
* Fixed oci8 and PDO_OCI extensions to allow configuring with Oracle 11g client libraries.
* Fixed bug #41831 (pdo_sqlite prepared statements convert resources to strings).
* Fixed bug #41770 (SSL: fatal protocol error due to buffer issues)
* Fixed bug #41713 (Persistent memory consumption on win32 since 5.2)
* Over 120 bug fixes.

__________________
Thanks & Regards
Sabari...