PHP-5.2.6で直っているみたいですね。

Some vulnerabilities have been reported in PHP, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions, and potentially by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
1) An unspecified error in the FastCGI SAPI can be exploited to cause a stack-based buffer overflow.
2) An unspecified error exists in processing incomplete multibyte characters within "escapeshellcmd()".
3) A security issue is caused due to an unspecified error. No further information is currently available.
4) An error in cURL can be exploited to bypass the "safe_mode" directive.
5) A boundary error in PCRE can potentially be exploited by malicious people to cause a DoS or compromise a vulnerable system.