With PHP 5.2.9 (see announcement), the PHP development team corrects a total of 50 bugs. The bugs rate 10 out of 10 on the vulnerability-severity scale, thanks to the ease of exploitation. Impacted are PHP-based websites running a vulnerable version of the web-app creation tool Zend Framework and some Laminas Project releases.Impacted are websites running vulnerable versions of the tool and some of the latest releases of the PHP Group’s PHP-related software.
Source: https://threatpost.com/php-ships-patch-security-holes-022709/72371/