CVE-2012-2329 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2329): Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request. Please punt vulnerable versions. Thanks.
Removed in CVS now. Sorry for the delay
(In reply to comment #1) > Removed in CVS now. Sorry for the delay Thanks! Closing noglsa for ~arch only (PHP 5.4.x).