as it is all over the press now that one should not update to PHP 5.3.7
due to a crypt/md5 bug* I feel the need to advice every Arch user to
update to PHP 5.3.7-3 and not to keep 5.3.6. That version has the simple
patch applied while 5.3.6 has known security issues.
I expect 5.3.8 to be announced today though; but who knows? :-)
Pierre Schmitz, https://users.archlinux.de/~pierre