PHP 4.3.1 has been released to fix a CGI security problem.
PHP contains code for preventing direct access to the CGI binary with configure option “–enable-force-cgi-redirect” and php.ini option “cgi.force_redirect”. In PHP 4.3.0 there is a bug which renders these options useless.