Not 100% for us, but important to know / to whom it may concern:
http://www.h-online.com/open/news/item/Critical-open-hole-in-PHP-creates-ris...
Critical open hole in PHP creates risks
The US CERT is warning of a critical vulnerability in PHP which has been disclosed, by mistake, to the public while the developers are still working on a fix. The vulnerability affect servers that are running PHP in CGI mode; FastCGI for PHP installations are not affected.
** Keine Antwort erforderlich ** no reply needed **
wikitech-l@lists.wikimedia.org