Security Enhancements for both PHP 5.3.11 and PHP 5.4.1:
Fixed bug #54374 (Insufficient validating of upload name leading to corrupted $_FILES indices). (CVE-2012-1172).
Add open_basedir checks to readline_write_history and readline_read_history.
Security Enhancement affecting PHP 5.3.11 only:
Fixed bug #61043 (Regression in magic_quotes_gpc fix for CVE-2012-0831).
Key enhancements in these releases include:
Added debug info handler to DOM objects.
Fixed bug #61172 (Add Apache 2.4 support).
For a full list of changes in PHP 5.3.11 and PHP 5.4.1, see the ChangeLog. For source downloads please visit our downloads page.
Only install PHP 5.4 if you’re certain that your apps don’t need Ioncube or are compatible with the beta versions created for 5.4 (Linux only unfortunately)