PHP 5.3.9 released

Attack known since 2003 - now fixed. Hooray!

This issue has been known since at least 2003 and has influenced Perl and CRuby 1.9 to change their hash functions to include randomization.
http://www.nruns.com/_downloads/advisory28122011.pdf
Shared publicly