According to the development team, access details for a number of accounts were stolen during a hack of the PHP developer wiki server wiki.php.net. Initial investigations have found that no other servers were compromised, but there was concern that the PHP source code might have been modified, as the stolen access data also provides access to the PHP repository.
The developers report that they therefore carried out a detailed code audit and checked every code commit in the subversion repository since version 5.3.5. According to a brief statement on www.php.net, no indication that changes had been made has been detected. The hack exploited a vulnerability in the CMS (DokuWiki), and unknown perpetrators were then able to escalate their privileges by use of a Linux root exploit.

The link for this article located at H Security is no longer available.