Stuart just committed some cherry-picked fixes for important php problems. Basically, php 5.2.14 came out two weeks ago, with some security fixes, and a lot of extra wankery, but the php people "forgot" to post any announcement to their announce list.
What can we do with such a bunch of wankers ? it's not really our job to rescue such a fucked-up process. As it is, we had a choice: either incorporate php 5.2.14 at the very last minute, and hope that nothing important would be broken, or look very closely at the changes, and incorporate what we could in a safe manner. php is baaad. Yes, more or less everyone uses it, mostly because morons make for cheap slave labor. I don't really expect things to get any better. Security is not really a bunch of badly released advisories mixed with a lot of bugfixes that are probably to be so unstable as to provoke another flurry of bugfixes. Nothing we can really do about that. At least, if they did clean up their process, and send proper announcements, maybe we could do something. But hey, that's free software. Whenever you notice something really unresponsible, and tell the upstream wankers, they will holler they do that in their free time and it's not really their job to care about process nor quality insurance, nor regressions (see php, see ffmpeg, see GNU...)
