PHP hardening

Hardened-PHP Project has the goal to help with securing applications and webpages. They check well known applications for security holes and inform the vendors about them. The Hardening-Patch is a patchset that adds security hardening features to PHP core and applications.
http://www.hardened-php.net/

PHP PEAR XML_RPC Vulnerability (Drupal xmlrpc.php)
Stefan Esser of the Hardened-PHP Project discovered that the PEAR XML-RPC and phpxmlrpc libraries were improperly handling XMLRPC requests and responses with malformed nested tags.
http://forum.hardened-php.net/viewtopic.php?id=9
https://rhn.redhat.com/errata/RHSA-2005-748.html
http://www.gentoo.org/security/en/glsa/glsa-200508-13.xml
http://www.heise.de/newsticker/meldung/62827