PHP52 vulnerability

Andrea Venturoli ml at netfence.it
Thu Mar 3 20:09:20 UTC 2011


Hello.

As you probably know, it looks like php52 is vulnerable:

Affected package: php52-5.2.17
Type of problem: php -- NULL byte poisoning.
Reference: http://portaudit.FreeBSD.org/3761df02-0f9c-11e0-becc-0022156e8794.html

Is there any news on the horizon?
Will a new version be released and/or the port updated?
Any possible patch?

Don't get me wrong, I'm not sentimentally tied to this version of php.
Rather, the problem is the fun the dev team must have experienced going 
a long way into deprecation of tons of things, which, by the way, breaks 
almost any non-trivial application I know of (a couple of examples being 
KnowledgeTree and Horde).
On some box I tried the switch and had to go back immediately.

  bye & Thanks
	av.

