I think we've set a new PHP release record today, 3 releases in one day, PHP 5.1.5, 4.4.4 and 5.2.0RC2. The first two are aimed at addressing a series of security faults that were discovered in stable branches. The good thing is that the issues found are mostly local exploits, so upgrading should definitely be a priority to shared hosting providers or multi-user PHP systems. That said, I would still recommend that all users of PHP consider upgrading their installs to the relevant releases. For information about the exploits themselves go to php.net
The tar balls and win32 binaries for the releases can be found here for PHP 5.1.5 and PHP 4.4.4.
As far as PHP 5.2.0RC2, this is an intermediate release,which brings us one step closer to the final release, hopefully sometime in September. As always, I'd like to ask everyone to give this release a try and see if your code runs on it or not and provide the PHP Development team with feedback. We are particularly interested in any new bugs, regression or drops in performance. Since the 5.2.0 release contains a number of performance improvements, we'd also love to hear if your code does in fact run faster on this release.
/usr/local/src/php-5.2.0RC2/ext/openssl/openssl.c: In function `zif_openssl_pkey_get_details':
/usr/local/src/php-5.2.0RC2/ext/openssl/openssl.c:2330: error: `EVP_PKEY_EC' undeclared (first use in this function)
/usr/local/src/php-5.2.0RC2/ext/openssl/openssl.c:2330: error: (Each undeclared identifier is reported only once
/usr/local/src/php-5.2.0RC2/ext/openssl/openssl.c:2330: error: for each function it appears in.)
make: *** [ext/openssl/openssl.lo] Error 1
This one with Debian/GNU Linux:
/usr/local/src/php-5.2.0RC2/ext/bz2/bz2.c:181: error: static declaration of 'php_stream_bz2io_ops' follows non-static declaration
/usr/local/src/php-5.2.0RC2/ext/bz2/php_bz2.h:55: error: previous declaration of 'php_stream_bz2io_ops' was here
make: *** [ext/bz2/bz2.lo] Error 1