PHP has released the version of 4.4.5 today. As listed in their release notes, the PHP development team has included the security fixes and enhancements as follows:

- Fixed possible safe_mode & open_basedir bypasses inside the session extension.
- Fixed unserialize() abuse on 64 bit systems with certain input strings.
- Fixed possible overflows and stack corruptions in the session extension.
- Fixed an underflow inside the internal sapi_header_op() function.
- Fixed possible overflows inside zip & imap extensions.
- Fixed non-validated resource destruction inside the shmop extension.
- Fixed a possible overflow in the str_replace() function.
- Fixed possible clobbering of super-globals in several code paths.
- Fixed a possible information disclosure inside the wddx extension.
- Fixed a possible string format vulnerability in *print() functions on 64 bit systems.
- Fixed a possible buffer overflow inside ibase_{delete,add,modify}_user() function.
- Fixed a string format vulnerability inside the odbc_result_all() function.
- Fixed a possible buffer overflow inside mail() function on Windows.

This is the newest stable version released by PHP development team since August last year when they released the previous version, i.e. 4.4.4 at that time, according to the change log of this released version. Meanwhile, the current users were urged to download this version as soon as possible.

You can also download it by clicking here.