Comment 3 for bug 286851

For what it's worth, I used the patches from the Debian Lenny php5 package without modification to backport to Hardy. The resulting package is available in my PPA: <https://launchpad.net/~malept/+archive>. The package also contains the patch for CVE-2008-5557, and an updated PEAR installation.