PHP4 XML_RPC Security Alert

There is a security vulnerability in PHP’s XML RPC. Until a new release includes the fix, there is a simple way you can update your PHP installation. Assuming you are using my PHP package, type this in the Terminal (note, it downloads and installs a patch from

sudo /usr/local/php4/bin/pear upgrade XML_RPC

You can update Apple’s PHP by leaving off the path to pear.

You should do this update even on a fresh download of my PHP package until a permanent solution is included.