There is a new php4 out and the one you have listed and the one on the cvs tree are old and have vulns. I would be happy if you or some one could fix this promptly. Ive been trying to install it and 'portupgrade php4' trys to install the old buggy version.