A few hours ago I've concluded a 2 month long release process of PHP 5.2.7 that been over 6 months in the making. Hurrah ;-) As you can imagine, from the extended timeline, the bug fix list is quite long, in fact there are over 170 different bug fixes in just about all of the extensions and code paths, so hopefully 5.2.7 will be the most stable 5.2 release to date. There are also just over a half dozen security fixes, so you should take a look and see if they affect your PHP use cases. The official release announcement can be found here and for those of your bored enough a full change log is also available. As usual a big thanks to all of the developers who has spent the time investigating and fixing bugs and all the folks who reported them as well, especially the ones keep an eye on the security stuff.

Yesterday, yet another version of PHP 5, 5.2.6 was released. It look a bit longer then I hoped it would, but in the end results are definitely worth it. There are over 120 different bug fixes that are designed to make PHP that much more stable. Quite a few corner case crashes have been addressed, many of which were identified by the ever increasing unit testing (big thanks to all the folks writing tests), which now offers 55.7% code coverage. As always, there are a few security bug fixes as well, details of which you can find in the release announcement. To see the complete Change Log go here, the more brief release announcement ca be found here.

The slides from my talk at PHP Quebec on the upcoming PHP 5.3 release are up and can be found here. I hope that all the people who attended the talk had found it useful and are now convinced 5.3 is the way to go ;-)

The first release candidate of 5.2.5 is now available for testing and can be downloaded from here: http://downloads.php.net/ilia/php-5.2.5RC1.tar.bz2(md5sum: 2f0c9ecbd50213958e9b69ec69f715ec). This RC includes a fair number of fixes since our last release and predominantly works on improving the stability of the 5.2 tree as well as including a small number of minor security fixes. I'd like to ask everyone to test this release against your code and setups, we are aiming for a quick release cycle and user feedback is critical for a successful release.

I've finally got a bit of free time to official post the slides from my "State of PHP Security" talk from Zend Conference 2007. You can find the slides here. The session was a bit different from the usual talks I give on security, focusing on summarizing the efforts done so far this year aimed at improving PHP's own security and the things we are still working on improving.