The slides for the Migrating to 5.2.1 from the Vancouver conference are now available, they can be found here: http://ilia.ws/files/vancouver_php52.pdf

The slides from the caching talk in Vancouver are now available online and can be downloaded here: http://ilia.ws/files/vancouver_cache.pdf

It took a bit longer then originally anticipated, but PHP 5.2.1 was finally released today. Big thanks to all the people who have helped make this release possible, by reporting bugs, identifying security issues and of course helping to resolve those issues and improving the language in general. The focus of this release was making PHP 5.2 more stable and more secure. The complete shopping list of changes can be found here. The official release announcement can be found at http://www.php.net/releases/5_2_1.php, it details the major changes and all of the security fixes that have been made in this release. Given the significant number of security issues that were resolved, my recommendation is that all users of PHP, especially those running really old versions (You know who you are ;-) ) consider upgrading to this release as soon as possible. Not only will the security of your setup increase, but the stability and the performance of your PHP will improve as well. The tarballs and the binaries that c...

Through an interview on SecurityFocus Stefan Esser has just announced his plans for the "Month of PHP Bugs" (MOPB?) during March 2007. It would be interesting to see what issues he discovers, hopefully most of them have already been reported to the PHP Security Team, in which case the upcoming 5.2.1 release will provide a resolution path for affected users. Hopefuly, unlike the MOAB and MOKB, the reported issues are not going to be infamous 0-day vulnerabilities. If they are however, which would be unfortunate, I think we'd be looking at a security fix only release in April, while releasing patches to address individual issues on a daily basis. Either way, I have to look at this as a free security audit of PHP by someone with a clue about security and ultimately, in the long run it will only make PHP better, even if March is going to be rather busy ;-)