php5 - multiple vulnerabilities

Several remote vulnerabilities have been discovered in PHP 5, an
hypertext preprocessor. The Common Vulnerabilities and Exposures
project identifies the following problems:

• CVE-2009-4142
  The htmlspecialchars function does not properly handle invalid
  multi-byte sequences.
• CVE-2009-4143
  Memory corruption via session interruption.

In the stable distribution (lenny), this update also includes bug fixes
(bug #529278, #556459, #565387, #523073) that were to be included in a
stable point release as version 5.2.6.dfsg.1-1+lenny5.

For the stable distribution (lenny), these problems have been fixed in
version 5.2.6.dfsg.1-1+lenny6.

For the testing distribution (squeeze) and the unstable distribution (sid),
these problems have been fixed in version 5.2.12.dfsg.1-1.

We recommend that you upgrade your php5 packages.