http://www.php.net/releases/5_2_4.php * Fixed a possible open_basedir bypass inside session extension when the session file is a symlink (Reported by c dot i dot morris at durham dot ac dot uk)
*** This bug has been marked as a duplicate of 169857 ***