The PHP development team is proud to announce the release of PHP 4.4.3. This release combines small number of bug fixes and resolves a number of security issues. All PHP 4.x users are encouraged to upgrade to this release as soon as possible.

The security issues resolved include the following:

Disallow certain characters in session names.
Fixed a buffer overflow inside the wordwrap() function.
Prevent jumps to parent directory via the 2nd parameter of the tempnam() function.
Improved safe_mode check for the error_log() function.
Fixed cross-site scripting inside the phpinfo() function.
The release also includes about 20 bug fixes and an upgraded PCRE library (version 6.6).

For a full list of changes in PHP 4.4.3, see the ChangeLog.