

PHP 5.4.3 and PHP 5.3.13 Released - techinsidr
http://www.php.net/archive/2012.php#id2012-05-08-1

======
riledhel
_The releases complete a fix for a vulnerability in CGI-based setups
(CVE-2012-2311). Note: mod_php and php-fpm are not vulnerable to this attack.

PHP 5.4.3 fixes a buffer overflow vulnerability in the
apache_request_headers() (CVE-2012-2329). The PHP 5.3 series is not vulnerable
to this issue._

