Several remote vulnerabilities have been discovered in PHP 5, an hypertext preprocessor. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-4142 The htmlspecialchars function does not properly handle invalid multi-byte sequences. CVE-2009-4143 Memory corruption via session interruption. In the stable distribution , this update also includes bug fixes that were to be included in a stable point release as version 5.2.6.dfsg.1-1+lenny5. For the stable distribution , these problems have been fixed in version 5.2.6.dfsg.1-1+lenny6. For the testing distribution and the unstable distribution , these problems have been fixed in version 5.2.12.dfsg.1-1. We recommend that you upgrade your php5 packages.