This is a maintenance release that in addition to several non-critical bug fixes, addresses an input validation vulnerability in escapeshellcmd() and escapeshellarg() functions on the Windows platform. Users of PHP on Windows are encouraged to upgrade to this release as soon as possible.

• WIndows版の4.3.6を含む古いバージョンが対象
  • 本来エスケープされるべき文字列がすりぬけてしまう。